Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2017-15412
Vulnerability from cvelistv5
Published
2018-08-28 19:00
Modified
2024-08-05 19:57
Severity ?
EPSS score ?
Summary
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Google Chrome prior to 63.0.3239.84 unknown |
Version: Google Chrome prior to 63.0.3239.84 unknown |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T19:57:26.318Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1040348", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040348", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://crbug.com/727039", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { name: "DSA-4086", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4086", }, { name: "RHSA-2018:0287", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { name: "[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { name: "RHSA-2017:3401", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { name: "GLSA-201801-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201801-03", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Google Chrome prior to 63.0.3239.84 unknown", vendor: "n/a", versions: [ { status: "affected", version: "Google Chrome prior to 63.0.3239.84 unknown", }, ], }, ], datePublic: "2017-12-06T00:00:00", descriptions: [ { lang: "en", value: "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], problemTypes: [ { descriptions: [ { description: "Use After Free", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-08-29T09:57:01", orgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", shortName: "Chrome", }, references: [ { name: "1040348", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040348", }, { tags: [ "x_refsource_MISC", ], url: "https://crbug.com/727039", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { name: "DSA-4086", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4086", }, { name: "RHSA-2018:0287", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { name: "[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { name: "RHSA-2017:3401", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { name: "GLSA-201801-03", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201801-03", }, { tags: [ "x_refsource_MISC", ], url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2017-15412", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Google Chrome prior to 63.0.3239.84 unknown", version: { version_data: [ { version_value: "Google Chrome prior to 63.0.3239.84 unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "1040348", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040348", }, { name: "https://crbug.com/727039", refsource: "MISC", url: "https://crbug.com/727039", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", refsource: "MISC", url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { name: "DSA-4086", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4086", }, { name: "RHSA-2018:0287", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { name: "[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { name: "RHSA-2017:3401", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { name: "GLSA-201801-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201801-03", }, { name: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", assignerShortName: "Chrome", cveId: "CVE-2017-15412", datePublished: "2018-08-28T19:00:00", dateReserved: "2017-10-17T00:00:00", dateUpdated: "2024-08-05T19:57:26.318Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2017-15412\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2018-08-28T19:29:05.737\",\"lastModified\":\"2024-11-21T03:14:39.487\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.\"},{\"lang\":\"es\",\"value\":\"Uso de memoria previamente liberada en libxml2 en versiones anteriores a la 2.9.5, tal y como se emplea en Google Chrome en versiones anteriores a la 63.0.3239.84 y otros productos, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F59A04-14CF-49E2-9973-645477EA09DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"63.0.3239.84\",\"matchCriteriaId\":\"BD398356-6BFE-46FE-A6AA-16F55BC5490C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.9.5\",\"matchCriteriaId\":\"C4B3A4BD-14E7-4D4D-81C9-6A355F49C978\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1040348\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3401\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0287\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://bugzilla.gnome.org/show_bug.cgi?id=783160\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://crbug.com/727039\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://security.gentoo.org/glsa/201801-03\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4086\",\"source\":\"chrome-cve-admin@google.com\"},{\"url\":\"http://www.securitytracker.com/id/1040348\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0287\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.gnome.org/show_bug.cgi?id=783160\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://crbug.com/727039\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201801-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4086\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
rhsa-2018:0287
Vulnerability from csaf_redhat
Published
2018-02-08 12:39
Modified
2025-01-09 05:39
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 4 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1,2 and 3), which are documented in the Release Notes document linked to in the References.
Security Fix(es):
Details around this issue, including information about the CVE, severity of the issue, and the CVSS score can be found on the CVE page listed in the Reference section below.
* chromium-browser: use after free in libxml (CVE-2017-15412, Important)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 4 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1,2 and 3), which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\nDetails around this issue, including information about the CVE, severity of the issue, and the CVSS score can be found on the CVE page listed in the Reference section below.\n\n* chromium-browser: use after free in libxml (CVE-2017-15412, Important)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:0287", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2017-15412", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.23", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.23", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0287.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update", tracking: { current_release_date: "2025-01-09T05:39:00+00:00", generator: { date: "2025-01-09T05:39:00+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2018:0287", initial_release_date: "2018-02-08T12:39:22+00:00", revision_history: [ { date: "2018-02-08T12:39:22+00:00", number: "1", summary: "Initial version", }, { date: "2018-02-08T12:39:22+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T05:39:00+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Text-Only JBCS", product: { name: "Text-Only JBCS", product_id: "Text-Only JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-02-08T12:39:22+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:0287", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, ], }
rhba-2020:1539
Vulnerability from csaf_redhat
Published
2020-04-22 13:24
Modified
2025-03-15 20:39
Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container
Notes
Topic
Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container
Details
* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)
* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)
* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)
* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container", title: "Topic", }, { category: "general", text: "* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)\n* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)\n* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)\n* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2020:1539", url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_1539.json", }, ], title: "Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container", tracking: { current_release_date: "2025-03-15T20:39:09+00:00", generator: { date: "2025-03-15T20:39:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHBA-2020:1539", initial_release_date: "2020-04-22T13:24:05+00:00", revision_history: [ { date: "2020-04-22T13:24:05+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-22T13:24:05+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-15T20:39:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Tower 3.5 for RHEL 7 Server", product: { name: "Red Hat Ansible Tower 3.5 for RHEL 7 Server", product_id: "7Server-Ansible-Tower-3.5", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_tower:3.5::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Tower", }, { branches: [ { category: "product_version", name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product: { name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product_id: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product_identification_helper: { purl: "pkg:oci/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463?arch=amd64&repository_url=registry.redhat.io/ansible-tower-35/ansible-tower&tag=3.5.6-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64 as a component of Red Hat Ansible Tower 3.5 for RHEL 7 Server", product_id: "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", }, product_reference: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", relates_to_product_reference: "7Server-Ansible-Tower-3.5", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Ucha Gobejishvili", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2015-2716", discovery_date: "2015-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1220607", }, ], notes: [ { category: "description", text: "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.", title: "Vulnerability description", }, { category: "summary", text: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of expat package as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact, a future update may address this flaw.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-2716", }, { category: "external", summary: "RHBZ#1220607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1220607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-2716", url: "https://www.cve.org/CVERecord?id=CVE-2015-2716", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", url: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", }, ], release_date: "2015-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", }, { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-10360", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-06-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590000", }, ], notes: [ { category: "description", text: "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.", title: "Vulnerability description", }, { category: "summary", text: "file: out-of-bounds read via a crafted ELF file", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10360", }, { category: "external", summary: "RHBZ#1590000", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590000", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10360", url: "https://www.cve.org/CVERecord?id=CVE-2018-10360", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", }, ], release_date: "2018-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "file: out-of-bounds read via a crafted ELF file", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, { cve: "CVE-2018-18074", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-10-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1643829", }, ], notes: [ { category: "description", text: "A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected (302) from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker could exploit this flaw to obtain a user's valid credentials.", title: "Vulnerability description", }, { category: "summary", text: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-18074", }, { category: "external", summary: "RHBZ#1643829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1643829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-18074", url: "https://www.cve.org/CVERecord?id=CVE-2018-18074", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", }, ], release_date: "2018-06-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 2.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", }, { cve: "CVE-2018-20060", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1649153", }, ], notes: [ { category: "description", text: "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20060", }, { category: "external", summary: "RHBZ#1649153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1649153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20060", url: "https://www.cve.org/CVERecord?id=CVE-2018-20060", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", }, ], release_date: "2018-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", }, { cve: "CVE-2018-20852", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1740347", }, ], notes: [ { category: "description", text: "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.", title: "Vulnerability description", }, { category: "summary", text: "python: Cookie domain check returns incorrect results", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of python as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of python3 as shipped with Red Hat Enterprise Linux 7 and 8. This issue affects the versions of python2 and python36 as shipped with Red Hat Enterprise Linux 8.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20852", }, { category: "external", summary: "RHBZ#1740347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1740347", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20852", url: "https://www.cve.org/CVERecord?id=CVE-2018-20852", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "A potentially simple workaround in the absence of patch on affected versions is to set DomainStrict in the cookiepolicy that would make sure a literal match against domain. The disadvantage would be that cookie set on example.com would not be shared with subdomain which might break workflow.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Cookie domain check returns incorrect results", }, { acknowledgments: [ { names: [ "Ray Strode", ], organization: "The GNOME Project", }, { names: [ "Maxime Vellard", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3820", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2019-01-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669391", }, ], notes: [ { category: "description", text: "A vulnerability was found where the gnome-shell lock screen, since version 3.15.91, does not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts and potentially other actions. This vulnerability was fixed in gnome-shell 3.31.5 and 3.30.3.", title: "Vulnerability description", }, { category: "summary", text: "gnome-shell: partial lock screen bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3820", }, { category: "external", summary: "RHBZ#1669391", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669391", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3820", url: "https://www.cve.org/CVERecord?id=CVE-2019-3820", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", url: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", }, ], release_date: "2019-02-05T12:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gnome-shell: partial lock screen bypass", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, { cve: "CVE-2019-9924", cwe: { id: "CWE-138", name: "Improper Neutralization of Special Elements", }, discovery_date: "2019-03-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1691774", }, ], notes: [ { category: "description", text: "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.", title: "Vulnerability description", }, { category: "summary", text: "bash: BASH_CMD is writable in restricted bash shells", title: "Vulnerability summary", }, { category: "other", text: "Impact of the flaw set to Moderate as restricted shell shall not be used as a security feature alone, as it is very hard to configure it properly and several bypasses exist for it.\n\nThis issue did not affect the versions of bash as shipped with Red Hat Enterprise Linux 5 as they did not include support for BASH_CMDS environment variable.\n\nRed Hat Virtualization Hypervisor and Management Appliance were affected by this issue, but do not use the restricted bash shell in a way that would be exposed to attackers. Future updates may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-9924", }, { category: "external", summary: "RHBZ#1691774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-9924", url: "https://www.cve.org/CVERecord?id=CVE-2019-9924", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", }, ], release_date: "2019-03-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: BASH_CMD is writable in restricted bash shells", }, { cve: "CVE-2019-11236", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, discovery_date: "2019-04-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1700824", }, ], notes: [ { category: "description", text: "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of python-urllib3 shipped with Red Hat Gluster Storage 3, as it is vulnerable to CRLF injection.\n\nRed Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11236", }, { category: "external", summary: "RHBZ#1700824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700824", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11236", url: "https://www.cve.org/CVERecord?id=CVE-2019-11236", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", }, ], release_date: "2019-03-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", }, { cve: "CVE-2019-16056", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-09-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1749839", }, ], notes: [ { category: "description", text: "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.", title: "Vulnerability description", }, { category: "summary", text: "python: email.utils.parseaddr wrongly parses email addresses", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-16056", }, { category: "external", summary: "RHBZ#1749839", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1749839", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-16056", url: "https://www.cve.org/CVERecord?id=CVE-2019-16056", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", }, ], release_date: "2018-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: email.utils.parseaddr wrongly parses email addresses", }, { cve: "CVE-2019-17041", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766693", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17041", }, { category: "external", summary: "RHBZ#1766693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766693", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17041", url: "https://www.cve.org/CVERecord?id=CVE-2019-17041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", }, ], release_date: "2019-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", }, { cve: "CVE-2019-17042", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766700", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17042", }, { category: "external", summary: "RHBZ#1766700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766700", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17042", url: "https://www.cve.org/CVERecord?id=CVE-2019-17042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", }, ], release_date: "2019-10-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1734", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, discovery_date: "2019-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1801804", }, ], notes: [ { category: "description", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "Vulnerability description", }, { category: "summary", text: "ansible: shell enabled by default in a pipe lookup plugin subprocess", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "RHBZ#1801804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1734", url: "https://www.cve.org/CVERecord?id=CVE-2020-1734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1734", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1734", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "This issue can be avoided by escaping variables which are used in the lookup.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: shell enabled by default in a pipe lookup plugin subprocess", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1735", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802085", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node.", title: "Vulnerability description", }, { category: "summary", text: "ansible: path injection on dest parameter in fetch module", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "RHBZ#1802085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802085", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1735", url: "https://www.cve.org/CVERecord?id=CVE-2020-1735", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1735", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1735", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the affected fetch module when possible.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: path injection on dest parameter in fetch module", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1736", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802124", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This issue affects only the newly created files and not existing ones. If the file already exists at the final destination, those permissions are retained. This could lead to the disclosure of sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "ansible: atomic_move primitive sets permissive permissions", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.8.14 and 2.9.12 as well as previous versions and all 2.7.x versions are affected.\n\nAnsible Tower 3.6.5 and 3.7.2 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "RHBZ#1802124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1736", url: "https://www.cve.org/CVERecord?id=CVE-2020-1736", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1736", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1736", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "This issue can be mitigated by specifying the \"mode\" on the task. That just leaves a race condition in place where newly created files that specify a mode in the task briefly go from 666 - umask to the final mode. An alternative workaround if many new files are created and to avoid setting a specific mode for each file would be to set the \"mode\" to \"preserve\" value. That will maintain the permissions of the source file on the controller in the final file on the managed host.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.2, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: atomic_move primitive sets permissive permissions", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1737", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802154", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal.", title: "Vulnerability description", }, { category: "summary", text: "ansible: Extract-Zip function in win_unzip module does not check extracted path", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "RHBZ#1802154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1737", url: "https://www.cve.org/CVERecord?id=CVE-2020-1737", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1737", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1737", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the affected win_unzip module when possible.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: Extract-Zip function in win_unzip module does not check extracted path", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1738", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802164", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file.", title: "Vulnerability description", }, { category: "summary", text: "ansible: module package can be selected by the ansible facts", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "RHBZ#1802164", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802164", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1738", url: "https://www.cve.org/CVERecord?id=CVE-2020-1738", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1738", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1738", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Specify the parameter 'use' when possible on the package and service modules. Avoid using Ansible Collections on Ansible 2.8.9 or 2.7.16 (and any of the previous versions) as they are not rejecting python with no path (already fixed in 2.9.x).", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: module package can be selected by the ansible facts", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1739", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802178", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine. When a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "Vulnerability description", }, { category: "summary", text: "ansible: svn module leaks password when specified as a parameter", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "RHBZ#1802178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802178", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1739", url: "https://www.cve.org/CVERecord?id=CVE-2020-1739", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1739", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1739", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Instead of using the parameter 'password' of the subversion module, provide the password with stdin.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: svn module leaks password when specified as a parameter", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1740", cwe: { id: "CWE-377", name: "Insecure Temporary File", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802193", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely.", title: "Vulnerability description", }, { category: "summary", text: "ansible: secrets readable after ansible-vault edit", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "RHBZ#1802193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1740", url: "https://www.cve.org/CVERecord?id=CVE-2020-1740", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1740", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1740", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the 'edit' option from 'ansible-vault' command line tool.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: secrets readable after ansible-vault edit", }, { acknowledgments: [ { names: [ "Felix Fountein", ], }, ], cve: "CVE-2020-1746", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2019-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805491", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: Information disclosure issue in ldap_attr and ldap_entry modules", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\n* Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains their own version of Ansible. The fix will be provided from core Ansible. But we still ship ansible separately for ceph ubuntu.\n\n* In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "RHBZ#1805491", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805491", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1746", url: "https://www.cve.org/CVERecord?id=CVE-2020-1746", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1746", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1746", }, ], release_date: "2020-02-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Using args keyword and embedding the ldap_auth variable instead of using bind_pw parameter would mitigate this issue.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: Information disclosure issue in ldap_attr and ldap_entry modules", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1753", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1811008", }, ], notes: [ { category: "description", text: "A security flaw was found in the Ansible Engine when managing Kubernetes using the k8s connection plugin. Sensitive parameters such as passwords and tokens are passed to the kubectl command line instead of using environment variables or an input configuration file, which is safer. This flaw discloses passwords and tokens from the process list, and the no_log directive from the debug module would not be reflected in the underlying command-line tools options, displaying passwords and tokens on stdout and log files.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: kubectl connection plugin leaks sensitive information", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.17, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "RHBZ#1811008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1811008", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1753", url: "https://www.cve.org/CVERecord?id=CVE-2020-1753", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1753", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1753", }, ], release_date: "2020-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: kubectl connection plugin leaks sensitive information", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-10684", cwe: { id: "CWE-862", name: "Missing Authorization", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1815519", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine. When using ansible_facts as a subkey of itself, and promoting it to a variable when injecting is enabled, overwriting the ansible_facts after the clean, an attacker could take advantage of this by altering the ansible_facts leading to privilege escalation or code injection. The highest threat from this vulnerability are to data integrity and system availability.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: code injection when using ansible_facts as a subkey", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n* Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains their own version of Ansible. The fix will be consumed from core Ansible. But we still ship ansible separately for ceph ubuntu.\n* Red Hat OpenStack Platform does package the affected code. However, because RHOSP does not use ansible_facts as a subkey directly, the RHOSP impact has been reduced to Moderate and no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "RHBZ#1815519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1815519", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10684", url: "https://www.cve.org/CVERecord?id=CVE-2020-10684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10684", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is not a known mitigation except avoiding the functionality of using ansible_facts as a subkey.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "Ansible: code injection when using ansible_facts as a subkey", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-10685", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1814627", }, ], notes: [ { category: "description", text: "A flaw was found on Ansible Engine when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the secrets unencrypted.\r\n\r\nOn Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decrypted data remains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted is sensible.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: modules which use files encrypted with vault are not properly cleaned up", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\n* In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "RHBZ#1814627", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814627", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10685", url: "https://www.cve.org/CVERecord?id=CVE-2020-10685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10685", }, ], release_date: "2020-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except by removing manually the temporary created file after every run.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: modules which use files encrypted with vault are not properly cleaned up", }, ], }
rhsa-2017:3401
Vulnerability from csaf_redhat
Published
2017-12-07 19:30
Modified
2025-01-09 05:39
Summary
Red Hat Security Advisory: chromium-browser security update
Notes
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 63.0.3239.84.
Security Fix(es):
* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15422, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 63.0.3239.84.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15422, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2017:3401", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, { category: "external", summary: "1523123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523123", }, { category: "external", summary: "1523124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523124", }, { category: "external", summary: "1523125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523125", }, { category: "external", summary: "1523126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523126", }, { category: "external", summary: "1523127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523127", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "1523129", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523129", }, { category: "external", summary: "1523130", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523130", }, { category: "external", summary: "1523131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523131", }, { category: "external", summary: "1523132", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523132", }, { category: "external", summary: "1523133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523133", }, { category: "external", summary: "1523134", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523134", }, { category: "external", summary: "1523135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523135", }, { category: "external", summary: "1523136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", }, { category: "external", summary: "1523137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523137", }, { category: "external", summary: "1523138", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523138", }, { category: "external", summary: "1523139", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523139", }, { category: "external", summary: "1523140", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523140", }, { category: "external", summary: "1523141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523141", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3401.json", }, ], title: "Red Hat Security Advisory: chromium-browser security update", tracking: { current_release_date: "2025-01-09T05:39:18+00:00", generator: { date: "2025-01-09T05:39:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2017:3401", initial_release_date: "2017-12-07T19:30:35+00:00", revision_history: [ { date: "2017-12-07T19:30:35+00:00", number: "1", summary: "Initial version", }, { date: "2017-12-07T19:30:35+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T05:39:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux Supplementary", }, { branches: [ { category: "product_version", name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product_id: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser-debuginfo@63.0.3239.84-1.el6_9?arch=x86_64", }, }, }, { category: "product_version", name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product_id: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser@63.0.3239.84-1.el6_9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product_id: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser-debuginfo@63.0.3239.84-1.el6_9?arch=i686", }, }, }, { category: "product_version", name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product_id: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser@63.0.3239.84-1.el6_9?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15407", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523123", }, ], notes: [ { category: "description", text: "Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds write in quic", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15407", }, { category: "external", summary: "RHBZ#1523123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523123", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15407", url: "https://www.cve.org/CVERecord?id=CVE-2017-15407", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15407", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15407", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "chromium-browser: out of bounds write in quic", }, { cve: "CVE-2017-15408", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523124", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: heap buffer overflow in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15408", }, { category: "external", summary: "RHBZ#1523124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15408", url: "https://www.cve.org/CVERecord?id=CVE-2017-15408", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15408", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15408", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: heap buffer overflow in pdfium", }, { cve: "CVE-2017-15409", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523125", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds write in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15409", }, { category: "external", summary: "RHBZ#1523125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15409", url: "https://www.cve.org/CVERecord?id=CVE-2017-15409", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15409", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15409", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: out of bounds write in skia", }, { cve: "CVE-2017-15410", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523126", }, ], notes: [ { category: "description", text: "Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use after free in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15410", }, { category: "external", summary: "RHBZ#1523126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523126", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15410", url: "https://www.cve.org/CVERecord?id=CVE-2017-15410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15410", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15410", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: use after free in pdfium", }, { cve: "CVE-2017-15411", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523127", }, ], notes: [ { category: "description", text: "Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use after free in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15411", }, { category: "external", summary: "RHBZ#1523127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523127", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15411", url: "https://www.cve.org/CVERecord?id=CVE-2017-15411", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15411", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15411", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: use after free in pdfium", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-15413", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523129", }, ], notes: [ { category: "description", text: "Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: type confusion in webassembly", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15413", }, { category: "external", summary: "RHBZ#1523129", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523129", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15413", url: "https://www.cve.org/CVERecord?id=CVE-2017-15413", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15413", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15413", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: type confusion in webassembly", }, { cve: "CVE-2017-15415", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523130", }, ], notes: [ { category: "description", text: "Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: pointer information disclosure in ipc call", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15415", }, { category: "external", summary: "RHBZ#1523130", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523130", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15415", url: "https://www.cve.org/CVERecord?id=CVE-2017-15415", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15415", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15415", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: pointer information disclosure in ipc call", }, { cve: "CVE-2017-15416", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523131", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds read in blink", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15416", }, { category: "external", summary: "RHBZ#1523131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523131", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15416", url: "https://www.cve.org/CVERecord?id=CVE-2017-15416", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15416", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15416", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: out of bounds read in blink", }, { cve: "CVE-2017-15417", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523132", }, ], notes: [ { category: "description", text: "Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: cross origin information disclosure in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15417", }, { category: "external", summary: "RHBZ#1523132", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523132", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15417", url: "https://www.cve.org/CVERecord?id=CVE-2017-15417", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15417", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15417", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: cross origin information disclosure in skia", }, { cve: "CVE-2017-15418", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523133", }, ], notes: [ { category: "description", text: "Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use of uninitialized value in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15418", }, { category: "external", summary: "RHBZ#1523133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523133", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15418", url: "https://www.cve.org/CVERecord?id=CVE-2017-15418", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15418", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15418", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: use of uninitialized value in skia", }, { cve: "CVE-2017-15419", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523134", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: cross origin leak of redirect url in blink", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15419", }, { category: "external", summary: "RHBZ#1523134", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523134", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15419", url: "https://www.cve.org/CVERecord?id=CVE-2017-15419", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15419", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15419", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: cross origin leak of redirect url in blink", }, { cve: "CVE-2017-15420", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523135", }, ], notes: [ { category: "description", text: "Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoofing in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15420", }, { category: "external", summary: "RHBZ#1523135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15420", url: "https://www.cve.org/CVERecord?id=CVE-2017-15420", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15420", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15420", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: url spoofing in omnibox", }, { cve: "CVE-2017-15422", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523136", }, ], notes: [ { category: "description", text: "Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: integer overflow in icu", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15422", }, { category: "external", summary: "RHBZ#1523136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15422", url: "https://www.cve.org/CVERecord?id=CVE-2017-15422", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15422", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15422", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: integer overflow in icu", }, { cve: "CVE-2017-15423", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523137", }, ], notes: [ { category: "description", text: "Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: issue with spake implementation in boringssl", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15423", }, { category: "external", summary: "RHBZ#1523137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523137", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15423", url: "https://www.cve.org/CVERecord?id=CVE-2017-15423", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15423", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15423", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: issue with spake implementation in boringssl", }, { cve: "CVE-2017-15424", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523138", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15424", }, { category: "external", summary: "RHBZ#1523138", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523138", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15424", url: "https://www.cve.org/CVERecord?id=CVE-2017-15424", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15424", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15424", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15425", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523139", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15425", }, { category: "external", summary: "RHBZ#1523139", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523139", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15425", url: "https://www.cve.org/CVERecord?id=CVE-2017-15425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15425", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15425", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15426", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523140", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15426", }, { category: "external", summary: "RHBZ#1523140", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523140", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15426", url: "https://www.cve.org/CVERecord?id=CVE-2017-15426", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15426", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15426", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15427", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523141", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: insufficient blocking of javascript in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15427", }, { category: "external", summary: "RHBZ#1523141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15427", url: "https://www.cve.org/CVERecord?id=CVE-2017-15427", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15427", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15427", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: insufficient blocking of javascript in omnibox", }, ], }
RHBA-2020:1540
Vulnerability from csaf_redhat
Published
2020-04-22 13:21
Modified
2025-03-15 20:39
Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container
Notes
Topic
Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container
Details
* Added additional metrics to the Prometheus /api/v2/metrics/ endpoint for reporting remaining instance capacity
* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)
* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)
* Fixed event hostnames to be recorded for playbooks run on isolated nodes
* Fixed a PostgreSQL issue that caused upgrade failures in certain situations
* Fixed the search for Source Control credentials in the Tower user interface
* Fixed a performance issue to no longer delay the output of project updates for certain users
* Fixed the installations to no longer fail with admin passwords that contain certain special characters
* Fixed the start time to correctly set for approval notifications
* Fixed an inconsistency in gathered inventory analytics
* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)
* Updated single sign-on integration to address several upcoming GitHub API deprecations
* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109
* Updated translations
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container", title: "Topic", }, { category: "general", text: "* Added additional metrics to the Prometheus /api/v2/metrics/ endpoint for reporting remaining instance capacity\n* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)\n* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)\n* Fixed event hostnames to be recorded for playbooks run on isolated nodes\n* Fixed a PostgreSQL issue that caused upgrade failures in certain situations\n* Fixed the search for Source Control credentials in the Tower user interface\n* Fixed a performance issue to no longer delay the output of project updates for certain users\n* Fixed the installations to no longer fail with admin passwords that contain certain special characters\n* Fixed the start time to correctly set for approval notifications\n* Fixed an inconsistency in gathered inventory analytics\n* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)\n* Updated single sign-on integration to address several upcoming GitHub API deprecations\n* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109\n* Updated translations", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2020:1540", url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_1540.json", }, ], title: "Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container", tracking: { current_release_date: "2025-03-15T20:39:18+00:00", generator: { date: "2025-03-15T20:39:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHBA-2020:1540", initial_release_date: "2020-04-22T13:21:59+00:00", revision_history: [ { date: "2020-04-22T13:21:59+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-22T13:21:59+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-15T20:39:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Tower 3.6 for RHEL 7", product: { name: "Red Hat Ansible Tower 3.6 for RHEL 7", product_id: "7Server-Ansible-Tower-3.6", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_tower:3.6::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Tower", }, { branches: [ { category: "product_version", name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product: { name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product_id: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product_identification_helper: { purl: "pkg:oci/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f?arch=amd64&repository_url=registry.redhat.io/ansible-tower-36/ansible-tower&tag=3.6.4-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64 as a component of Red Hat Ansible Tower 3.6 for RHEL 7", product_id: "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", }, product_reference: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", relates_to_product_reference: "7Server-Ansible-Tower-3.6", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Ucha Gobejishvili", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2015-2716", discovery_date: "2015-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1220607", }, ], notes: [ { category: "description", text: "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.", title: "Vulnerability description", }, { category: "summary", text: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of expat package as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact, a future update may address this flaw.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-2716", }, { category: "external", summary: "RHBZ#1220607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1220607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-2716", url: "https://www.cve.org/CVERecord?id=CVE-2015-2716", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", url: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", }, ], release_date: "2015-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", }, { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-10360", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-06-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590000", }, ], notes: [ { category: "description", text: "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.", title: "Vulnerability description", }, { category: "summary", text: "file: out-of-bounds read via a crafted ELF file", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10360", }, { category: "external", summary: "RHBZ#1590000", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590000", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10360", url: "https://www.cve.org/CVERecord?id=CVE-2018-10360", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", }, ], release_date: "2018-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "file: out-of-bounds read via a crafted ELF file", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, { cve: "CVE-2018-18074", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-10-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1643829", }, ], notes: [ { category: "description", text: "A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected (302) from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker could exploit this flaw to obtain a user's valid credentials.", title: "Vulnerability description", }, { category: "summary", text: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-18074", }, { category: "external", summary: "RHBZ#1643829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1643829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-18074", url: "https://www.cve.org/CVERecord?id=CVE-2018-18074", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", }, ], release_date: "2018-06-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 2.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", }, { cve: "CVE-2018-20060", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1649153", }, ], notes: [ { category: "description", text: "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20060", }, { category: "external", summary: "RHBZ#1649153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1649153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20060", url: "https://www.cve.org/CVERecord?id=CVE-2018-20060", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", }, ], release_date: "2018-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", }, { cve: "CVE-2018-20852", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1740347", }, ], notes: [ { category: "description", text: "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.", title: "Vulnerability description", }, { category: "summary", text: "python: Cookie domain check returns incorrect results", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of python as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of python3 as shipped with Red Hat Enterprise Linux 7 and 8. This issue affects the versions of python2 and python36 as shipped with Red Hat Enterprise Linux 8.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20852", }, { category: "external", summary: "RHBZ#1740347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1740347", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20852", url: "https://www.cve.org/CVERecord?id=CVE-2018-20852", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "A potentially simple workaround in the absence of patch on affected versions is to set DomainStrict in the cookiepolicy that would make sure a literal match against domain. The disadvantage would be that cookie set on example.com would not be shared with subdomain which might break workflow.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Cookie domain check returns incorrect results", }, { acknowledgments: [ { names: [ "Ray Strode", ], organization: "The GNOME Project", }, { names: [ "Maxime Vellard", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3820", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2019-01-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669391", }, ], notes: [ { category: "description", text: "A vulnerability was found where the gnome-shell lock screen, since version 3.15.91, does not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts and potentially other actions. This vulnerability was fixed in gnome-shell 3.31.5 and 3.30.3.", title: "Vulnerability description", }, { category: "summary", text: "gnome-shell: partial lock screen bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3820", }, { category: "external", summary: "RHBZ#1669391", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669391", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3820", url: "https://www.cve.org/CVERecord?id=CVE-2019-3820", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", url: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", }, ], release_date: "2019-02-05T12:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gnome-shell: partial lock screen bypass", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, { cve: "CVE-2019-9924", cwe: { id: "CWE-138", name: "Improper Neutralization of Special Elements", }, discovery_date: "2019-03-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1691774", }, ], notes: [ { category: "description", text: "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.", title: "Vulnerability description", }, { category: "summary", text: "bash: BASH_CMD is writable in restricted bash shells", title: "Vulnerability summary", }, { category: "other", text: "Impact of the flaw set to Moderate as restricted shell shall not be used as a security feature alone, as it is very hard to configure it properly and several bypasses exist for it.\n\nThis issue did not affect the versions of bash as shipped with Red Hat Enterprise Linux 5 as they did not include support for BASH_CMDS environment variable.\n\nRed Hat Virtualization Hypervisor and Management Appliance were affected by this issue, but do not use the restricted bash shell in a way that would be exposed to attackers. Future updates may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-9924", }, { category: "external", summary: "RHBZ#1691774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-9924", url: "https://www.cve.org/CVERecord?id=CVE-2019-9924", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", }, ], release_date: "2019-03-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: BASH_CMD is writable in restricted bash shells", }, { cve: "CVE-2019-11236", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, discovery_date: "2019-04-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1700824", }, ], notes: [ { category: "description", text: "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of python-urllib3 shipped with Red Hat Gluster Storage 3, as it is vulnerable to CRLF injection.\n\nRed Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11236", }, { category: "external", summary: "RHBZ#1700824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700824", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11236", url: "https://www.cve.org/CVERecord?id=CVE-2019-11236", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", }, ], release_date: "2019-03-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", }, { cve: "CVE-2019-16056", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-09-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1749839", }, ], notes: [ { category: "description", text: "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.", title: "Vulnerability description", }, { category: "summary", text: "python: email.utils.parseaddr wrongly parses email addresses", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-16056", }, { category: "external", summary: "RHBZ#1749839", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1749839", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-16056", url: "https://www.cve.org/CVERecord?id=CVE-2019-16056", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", }, ], release_date: "2018-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: email.utils.parseaddr wrongly parses email addresses", }, { cve: "CVE-2019-17041", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766693", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17041", }, { category: "external", summary: "RHBZ#1766693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766693", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17041", url: "https://www.cve.org/CVERecord?id=CVE-2019-17041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", }, ], release_date: "2019-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", }, { cve: "CVE-2019-17042", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766700", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17042", }, { category: "external", summary: "RHBZ#1766700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766700", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17042", url: "https://www.cve.org/CVERecord?id=CVE-2019-17042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", }, ], release_date: "2019-10-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", }, { acknowledgments: [ { names: [ "Felix Fountein", ], }, ], cve: "CVE-2020-10691", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1817161", }, ], notes: [ { category: "description", text: "An archive traversal flaw was found in Ansible Engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: archive traversal vulnerability in ansible-galaxy collection install", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.9.6 as well as previous 2.9.x versions are affected. Ansible versions less than or equal to 2.8 are not affected by this vulnerability as this functionality was introduced on 2.9.\n\nAnsible Tower 3.6.3 as well as previous 3.6.x versions are affected as they use ansible-galaxy collections.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "RHBZ#1817161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1817161", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10691", url: "https://www.cve.org/CVERecord?id=CVE-2020-10691", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10691", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10691", }, ], release_date: "2020-03-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "A possible mitigation of archive traversal issue could be done by restricting file access control and directory write accesses for extracting tarball files. This is feasible only for scenarios when the destination path could be known and enforced beforehand.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: archive traversal vulnerability in ansible-galaxy collection install", }, { acknowledgments: [ { names: [ "Rihards Olups", ], }, ], cve: "CVE-2020-10729", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, discovery_date: "2020-05-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1831089", }, ], notes: [ { category: "description", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: two random password lookups in same task return same value", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "RHBZ#1831089", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10729", url: "https://www.cve.org/CVERecord?id=CVE-2020-10729", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", }, { category: "external", summary: "https://github.com/ansible/ansible/issues/34144", url: "https://github.com/ansible/ansible/issues/34144", }, ], release_date: "2017-12-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: two random password lookups in same task return same value", }, ], }
rhba-2020_1539
Vulnerability from csaf_redhat
Published
2020-04-22 13:24
Modified
2024-11-22 14:26
Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container
Notes
Topic
Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container
Details
* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)
* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)
* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)
* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container", title: "Topic", }, { category: "general", text: "* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)\n* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)\n* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)\n* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2020:1539", url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_1539.json", }, ], title: "Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container", tracking: { current_release_date: "2024-11-22T14:26:26+00:00", generator: { date: "2024-11-22T14:26:26+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHBA-2020:1539", initial_release_date: "2020-04-22T13:24:05+00:00", revision_history: [ { date: "2020-04-22T13:24:05+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-22T13:24:05+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:26:26+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Tower 3.5 for RHEL 7 Server", product: { name: "Red Hat Ansible Tower 3.5 for RHEL 7 Server", product_id: "7Server-Ansible-Tower-3.5", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_tower:3.5::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Tower", }, { branches: [ { category: "product_version", name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product: { name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product_id: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product_identification_helper: { purl: "pkg:oci/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463?arch=amd64&repository_url=registry.redhat.io/ansible-tower-35/ansible-tower&tag=3.5.6-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64 as a component of Red Hat Ansible Tower 3.5 for RHEL 7 Server", product_id: "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", }, product_reference: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", relates_to_product_reference: "7Server-Ansible-Tower-3.5", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Ucha Gobejishvili", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2015-2716", discovery_date: "2015-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1220607", }, ], notes: [ { category: "description", text: "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.", title: "Vulnerability description", }, { category: "summary", text: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of expat package as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact, a future update may address this flaw.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-2716", }, { category: "external", summary: "RHBZ#1220607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1220607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-2716", url: "https://www.cve.org/CVERecord?id=CVE-2015-2716", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", url: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", }, ], release_date: "2015-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", }, { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-10360", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-06-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590000", }, ], notes: [ { category: "description", text: "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.", title: "Vulnerability description", }, { category: "summary", text: "file: out-of-bounds read via a crafted ELF file", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10360", }, { category: "external", summary: "RHBZ#1590000", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590000", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10360", url: "https://www.cve.org/CVERecord?id=CVE-2018-10360", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", }, ], release_date: "2018-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "file: out-of-bounds read via a crafted ELF file", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, { cve: "CVE-2018-18074", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-10-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1643829", }, ], notes: [ { category: "description", text: "A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected (302) from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker could exploit this flaw to obtain a user's valid credentials.", title: "Vulnerability description", }, { category: "summary", text: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-18074", }, { category: "external", summary: "RHBZ#1643829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1643829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-18074", url: "https://www.cve.org/CVERecord?id=CVE-2018-18074", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", }, ], release_date: "2018-06-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 2.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", }, { cve: "CVE-2018-20060", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1649153", }, ], notes: [ { category: "description", text: "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20060", }, { category: "external", summary: "RHBZ#1649153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1649153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20060", url: "https://www.cve.org/CVERecord?id=CVE-2018-20060", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", }, ], release_date: "2018-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", }, { cve: "CVE-2018-20852", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1740347", }, ], notes: [ { category: "description", text: "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.", title: "Vulnerability description", }, { category: "summary", text: "python: Cookie domain check returns incorrect results", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of python as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of python3 as shipped with Red Hat Enterprise Linux 7 and 8. This issue affects the versions of python2 and python36 as shipped with Red Hat Enterprise Linux 8.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20852", }, { category: "external", summary: "RHBZ#1740347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1740347", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20852", url: "https://www.cve.org/CVERecord?id=CVE-2018-20852", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "A potentially simple workaround in the absence of patch on affected versions is to set DomainStrict in the cookiepolicy that would make sure a literal match against domain. The disadvantage would be that cookie set on example.com would not be shared with subdomain which might break workflow.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Cookie domain check returns incorrect results", }, { acknowledgments: [ { names: [ "Ray Strode", ], organization: "The GNOME Project", }, { names: [ "Maxime Vellard", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3820", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2019-01-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669391", }, ], notes: [ { category: "description", text: "A vulnerability was found where the gnome-shell lock screen, since version 3.15.91, does not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts and potentially other actions. This vulnerability was fixed in gnome-shell 3.31.5 and 3.30.3.", title: "Vulnerability description", }, { category: "summary", text: "gnome-shell: partial lock screen bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3820", }, { category: "external", summary: "RHBZ#1669391", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669391", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3820", url: "https://www.cve.org/CVERecord?id=CVE-2019-3820", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", url: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", }, ], release_date: "2019-02-05T12:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gnome-shell: partial lock screen bypass", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, { cve: "CVE-2019-9924", cwe: { id: "CWE-138", name: "Improper Neutralization of Special Elements", }, discovery_date: "2019-03-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1691774", }, ], notes: [ { category: "description", text: "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.", title: "Vulnerability description", }, { category: "summary", text: "bash: BASH_CMD is writable in restricted bash shells", title: "Vulnerability summary", }, { category: "other", text: "Impact of the flaw set to Moderate as restricted shell shall not be used as a security feature alone, as it is very hard to configure it properly and several bypasses exist for it.\n\nThis issue did not affect the versions of bash as shipped with Red Hat Enterprise Linux 5 as they did not include support for BASH_CMDS environment variable.\n\nRed Hat Virtualization Hypervisor and Management Appliance were affected by this issue, but do not use the restricted bash shell in a way that would be exposed to attackers. Future updates may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-9924", }, { category: "external", summary: "RHBZ#1691774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-9924", url: "https://www.cve.org/CVERecord?id=CVE-2019-9924", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", }, ], release_date: "2019-03-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: BASH_CMD is writable in restricted bash shells", }, { cve: "CVE-2019-11236", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, discovery_date: "2019-04-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1700824", }, ], notes: [ { category: "description", text: "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of python-urllib3 shipped with Red Hat Gluster Storage 3, as it is vulnerable to CRLF injection.\n\nRed Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11236", }, { category: "external", summary: "RHBZ#1700824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700824", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11236", url: "https://www.cve.org/CVERecord?id=CVE-2019-11236", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", }, ], release_date: "2019-03-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", }, { cve: "CVE-2019-16056", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-09-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1749839", }, ], notes: [ { category: "description", text: "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.", title: "Vulnerability description", }, { category: "summary", text: "python: email.utils.parseaddr wrongly parses email addresses", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-16056", }, { category: "external", summary: "RHBZ#1749839", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1749839", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-16056", url: "https://www.cve.org/CVERecord?id=CVE-2019-16056", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", }, ], release_date: "2018-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: email.utils.parseaddr wrongly parses email addresses", }, { cve: "CVE-2019-17041", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766693", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17041", }, { category: "external", summary: "RHBZ#1766693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766693", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17041", url: "https://www.cve.org/CVERecord?id=CVE-2019-17041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", }, ], release_date: "2019-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", }, { cve: "CVE-2019-17042", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766700", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17042", }, { category: "external", summary: "RHBZ#1766700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766700", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17042", url: "https://www.cve.org/CVERecord?id=CVE-2019-17042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", }, ], release_date: "2019-10-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1734", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, discovery_date: "2019-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1801804", }, ], notes: [ { category: "description", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "Vulnerability description", }, { category: "summary", text: "ansible: shell enabled by default in a pipe lookup plugin subprocess", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "RHBZ#1801804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1734", url: "https://www.cve.org/CVERecord?id=CVE-2020-1734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1734", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1734", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "This issue can be avoided by escaping variables which are used in the lookup.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: shell enabled by default in a pipe lookup plugin subprocess", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1735", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802085", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node.", title: "Vulnerability description", }, { category: "summary", text: "ansible: path injection on dest parameter in fetch module", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "RHBZ#1802085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802085", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1735", url: "https://www.cve.org/CVERecord?id=CVE-2020-1735", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1735", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1735", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the affected fetch module when possible.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: path injection on dest parameter in fetch module", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1736", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802124", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This issue affects only the newly created files and not existing ones. If the file already exists at the final destination, those permissions are retained. This could lead to the disclosure of sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "ansible: atomic_move primitive sets permissive permissions", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.8.14 and 2.9.12 as well as previous versions and all 2.7.x versions are affected.\n\nAnsible Tower 3.6.5 and 3.7.2 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "RHBZ#1802124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1736", url: "https://www.cve.org/CVERecord?id=CVE-2020-1736", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1736", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1736", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "This issue can be mitigated by specifying the \"mode\" on the task. That just leaves a race condition in place where newly created files that specify a mode in the task briefly go from 666 - umask to the final mode. An alternative workaround if many new files are created and to avoid setting a specific mode for each file would be to set the \"mode\" to \"preserve\" value. That will maintain the permissions of the source file on the controller in the final file on the managed host.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.2, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: atomic_move primitive sets permissive permissions", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1737", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802154", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal.", title: "Vulnerability description", }, { category: "summary", text: "ansible: Extract-Zip function in win_unzip module does not check extracted path", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "RHBZ#1802154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1737", url: "https://www.cve.org/CVERecord?id=CVE-2020-1737", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1737", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1737", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the affected win_unzip module when possible.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: Extract-Zip function in win_unzip module does not check extracted path", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1738", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802164", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file.", title: "Vulnerability description", }, { category: "summary", text: "ansible: module package can be selected by the ansible facts", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "RHBZ#1802164", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802164", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1738", url: "https://www.cve.org/CVERecord?id=CVE-2020-1738", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1738", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1738", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Specify the parameter 'use' when possible on the package and service modules. Avoid using Ansible Collections on Ansible 2.8.9 or 2.7.16 (and any of the previous versions) as they are not rejecting python with no path (already fixed in 2.9.x).", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: module package can be selected by the ansible facts", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1739", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802178", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine. When a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "Vulnerability description", }, { category: "summary", text: "ansible: svn module leaks password when specified as a parameter", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "RHBZ#1802178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802178", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1739", url: "https://www.cve.org/CVERecord?id=CVE-2020-1739", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1739", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1739", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Instead of using the parameter 'password' of the subversion module, provide the password with stdin.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: svn module leaks password when specified as a parameter", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1740", cwe: { id: "CWE-377", name: "Insecure Temporary File", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802193", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely.", title: "Vulnerability description", }, { category: "summary", text: "ansible: secrets readable after ansible-vault edit", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "RHBZ#1802193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1740", url: "https://www.cve.org/CVERecord?id=CVE-2020-1740", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1740", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1740", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the 'edit' option from 'ansible-vault' command line tool.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: secrets readable after ansible-vault edit", }, { acknowledgments: [ { names: [ "Felix Fountein", ], }, ], cve: "CVE-2020-1746", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2019-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805491", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: Information disclosure issue in ldap_attr and ldap_entry modules", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\n* Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains their own version of Ansible. The fix will be provided from core Ansible. But we still ship ansible separately for ceph ubuntu.\n\n* In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "RHBZ#1805491", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805491", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1746", url: "https://www.cve.org/CVERecord?id=CVE-2020-1746", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1746", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1746", }, ], release_date: "2020-02-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Using args keyword and embedding the ldap_auth variable instead of using bind_pw parameter would mitigate this issue.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: Information disclosure issue in ldap_attr and ldap_entry modules", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1753", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1811008", }, ], notes: [ { category: "description", text: "A security flaw was found in the Ansible Engine when managing Kubernetes using the k8s connection plugin. Sensitive parameters such as passwords and tokens are passed to the kubectl command line instead of using environment variables or an input configuration file, which is safer. This flaw discloses passwords and tokens from the process list, and the no_log directive from the debug module would not be reflected in the underlying command-line tools options, displaying passwords and tokens on stdout and log files.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: kubectl connection plugin leaks sensitive information", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.17, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "RHBZ#1811008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1811008", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1753", url: "https://www.cve.org/CVERecord?id=CVE-2020-1753", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1753", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1753", }, ], release_date: "2020-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: kubectl connection plugin leaks sensitive information", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-10684", cwe: { id: "CWE-862", name: "Missing Authorization", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1815519", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine. When using ansible_facts as a subkey of itself, and promoting it to a variable when injecting is enabled, overwriting the ansible_facts after the clean, an attacker could take advantage of this by altering the ansible_facts leading to privilege escalation or code injection. The highest threat from this vulnerability are to data integrity and system availability.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: code injection when using ansible_facts as a subkey", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n* Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains their own version of Ansible. The fix will be consumed from core Ansible. But we still ship ansible separately for ceph ubuntu.\n* Red Hat OpenStack Platform does package the affected code. However, because RHOSP does not use ansible_facts as a subkey directly, the RHOSP impact has been reduced to Moderate and no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "RHBZ#1815519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1815519", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10684", url: "https://www.cve.org/CVERecord?id=CVE-2020-10684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10684", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is not a known mitigation except avoiding the functionality of using ansible_facts as a subkey.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "Ansible: code injection when using ansible_facts as a subkey", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-10685", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1814627", }, ], notes: [ { category: "description", text: "A flaw was found on Ansible Engine when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the secrets unencrypted.\r\n\r\nOn Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decrypted data remains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted is sensible.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: modules which use files encrypted with vault are not properly cleaned up", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\n* In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "RHBZ#1814627", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814627", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10685", url: "https://www.cve.org/CVERecord?id=CVE-2020-10685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10685", }, ], release_date: "2020-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except by removing manually the temporary created file after every run.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: modules which use files encrypted with vault are not properly cleaned up", }, ], }
RHSA-2017:3401
Vulnerability from csaf_redhat
Published
2017-12-07 19:30
Modified
2025-01-09 05:39
Summary
Red Hat Security Advisory: chromium-browser security update
Notes
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 63.0.3239.84.
Security Fix(es):
* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15422, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 63.0.3239.84.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15422, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2017:3401", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, { category: "external", summary: "1523123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523123", }, { category: "external", summary: "1523124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523124", }, { category: "external", summary: "1523125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523125", }, { category: "external", summary: "1523126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523126", }, { category: "external", summary: "1523127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523127", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "1523129", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523129", }, { category: "external", summary: "1523130", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523130", }, { category: "external", summary: "1523131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523131", }, { category: "external", summary: "1523132", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523132", }, { category: "external", summary: "1523133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523133", }, { category: "external", summary: "1523134", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523134", }, { category: "external", summary: "1523135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523135", }, { category: "external", summary: "1523136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", }, { category: "external", summary: "1523137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523137", }, { category: "external", summary: "1523138", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523138", }, { category: "external", summary: "1523139", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523139", }, { category: "external", summary: "1523140", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523140", }, { category: "external", summary: "1523141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523141", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3401.json", }, ], title: "Red Hat Security Advisory: chromium-browser security update", tracking: { current_release_date: "2025-01-09T05:39:18+00:00", generator: { date: "2025-01-09T05:39:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2017:3401", initial_release_date: "2017-12-07T19:30:35+00:00", revision_history: [ { date: "2017-12-07T19:30:35+00:00", number: "1", summary: "Initial version", }, { date: "2017-12-07T19:30:35+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T05:39:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux Supplementary", }, { branches: [ { category: "product_version", name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product_id: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser-debuginfo@63.0.3239.84-1.el6_9?arch=x86_64", }, }, }, { category: "product_version", name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product_id: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser@63.0.3239.84-1.el6_9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product_id: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser-debuginfo@63.0.3239.84-1.el6_9?arch=i686", }, }, }, { category: "product_version", name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product_id: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser@63.0.3239.84-1.el6_9?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15407", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523123", }, ], notes: [ { category: "description", text: "Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds write in quic", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15407", }, { category: "external", summary: "RHBZ#1523123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523123", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15407", url: "https://www.cve.org/CVERecord?id=CVE-2017-15407", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15407", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15407", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "chromium-browser: out of bounds write in quic", }, { cve: "CVE-2017-15408", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523124", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: heap buffer overflow in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15408", }, { category: "external", summary: "RHBZ#1523124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15408", url: "https://www.cve.org/CVERecord?id=CVE-2017-15408", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15408", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15408", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: heap buffer overflow in pdfium", }, { cve: "CVE-2017-15409", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523125", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds write in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15409", }, { category: "external", summary: "RHBZ#1523125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15409", url: "https://www.cve.org/CVERecord?id=CVE-2017-15409", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15409", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15409", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: out of bounds write in skia", }, { cve: "CVE-2017-15410", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523126", }, ], notes: [ { category: "description", text: "Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use after free in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15410", }, { category: "external", summary: "RHBZ#1523126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523126", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15410", url: "https://www.cve.org/CVERecord?id=CVE-2017-15410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15410", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15410", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: use after free in pdfium", }, { cve: "CVE-2017-15411", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523127", }, ], notes: [ { category: "description", text: "Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use after free in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15411", }, { category: "external", summary: "RHBZ#1523127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523127", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15411", url: "https://www.cve.org/CVERecord?id=CVE-2017-15411", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15411", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15411", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: use after free in pdfium", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-15413", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523129", }, ], notes: [ { category: "description", text: "Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: type confusion in webassembly", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15413", }, { category: "external", summary: "RHBZ#1523129", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523129", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15413", url: "https://www.cve.org/CVERecord?id=CVE-2017-15413", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15413", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15413", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: type confusion in webassembly", }, { cve: "CVE-2017-15415", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523130", }, ], notes: [ { category: "description", text: "Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: pointer information disclosure in ipc call", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15415", }, { category: "external", summary: "RHBZ#1523130", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523130", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15415", url: "https://www.cve.org/CVERecord?id=CVE-2017-15415", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15415", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15415", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: pointer information disclosure in ipc call", }, { cve: "CVE-2017-15416", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523131", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds read in blink", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15416", }, { category: "external", summary: "RHBZ#1523131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523131", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15416", url: "https://www.cve.org/CVERecord?id=CVE-2017-15416", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15416", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15416", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: out of bounds read in blink", }, { cve: "CVE-2017-15417", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523132", }, ], notes: [ { category: "description", text: "Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: cross origin information disclosure in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15417", }, { category: "external", summary: "RHBZ#1523132", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523132", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15417", url: "https://www.cve.org/CVERecord?id=CVE-2017-15417", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15417", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15417", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: cross origin information disclosure in skia", }, { cve: "CVE-2017-15418", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523133", }, ], notes: [ { category: "description", text: "Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use of uninitialized value in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15418", }, { category: "external", summary: "RHBZ#1523133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523133", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15418", url: "https://www.cve.org/CVERecord?id=CVE-2017-15418", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15418", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15418", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: use of uninitialized value in skia", }, { cve: "CVE-2017-15419", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523134", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: cross origin leak of redirect url in blink", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15419", }, { category: "external", summary: "RHBZ#1523134", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523134", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15419", url: "https://www.cve.org/CVERecord?id=CVE-2017-15419", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15419", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15419", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: cross origin leak of redirect url in blink", }, { cve: "CVE-2017-15420", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523135", }, ], notes: [ { category: "description", text: "Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoofing in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15420", }, { category: "external", summary: "RHBZ#1523135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15420", url: "https://www.cve.org/CVERecord?id=CVE-2017-15420", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15420", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15420", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: url spoofing in omnibox", }, { cve: "CVE-2017-15422", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523136", }, ], notes: [ { category: "description", text: "Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: integer overflow in icu", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15422", }, { category: "external", summary: "RHBZ#1523136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15422", url: "https://www.cve.org/CVERecord?id=CVE-2017-15422", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15422", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15422", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: integer overflow in icu", }, { cve: "CVE-2017-15423", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523137", }, ], notes: [ { category: "description", text: "Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: issue with spake implementation in boringssl", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15423", }, { category: "external", summary: "RHBZ#1523137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523137", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15423", url: "https://www.cve.org/CVERecord?id=CVE-2017-15423", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15423", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15423", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: issue with spake implementation in boringssl", }, { cve: "CVE-2017-15424", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523138", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15424", }, { category: "external", summary: "RHBZ#1523138", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523138", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15424", url: "https://www.cve.org/CVERecord?id=CVE-2017-15424", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15424", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15424", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15425", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523139", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15425", }, { category: "external", summary: "RHBZ#1523139", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523139", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15425", url: "https://www.cve.org/CVERecord?id=CVE-2017-15425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15425", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15425", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15426", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523140", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15426", }, { category: "external", summary: "RHBZ#1523140", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523140", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15426", url: "https://www.cve.org/CVERecord?id=CVE-2017-15426", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15426", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15426", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15427", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523141", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: insufficient blocking of javascript in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15427", }, { category: "external", summary: "RHBZ#1523141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15427", url: "https://www.cve.org/CVERecord?id=CVE-2017-15427", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15427", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15427", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: insufficient blocking of javascript in omnibox", }, ], }
rhsa-2020:1190
Vulnerability from csaf_redhat
Published
2020-03-31 20:22
Modified
2025-01-09 05:39
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)
* libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)
* libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)
* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)
* libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)
* libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for libxml2 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n* libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n* libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n* libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n* libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1190", url: "https://access.redhat.com/errata/RHSA-2020:1190", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index", }, { category: "external", summary: "1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1190.json", }, ], title: "Red Hat Security Advisory: libxml2 security update", tracking: { current_release_date: "2025-01-09T05:39:41+00:00", generator: { date: "2025-01-09T05:39:41+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2020:1190", initial_release_date: "2020-03-31T20:22:50+00:00", revision_history: [ { date: "2020-03-31T20:22:50+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-31T20:22:50+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T05:39:41+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-static-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-python-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-static-0:2.9.1-6.el7.4.s390", product_id: "libxml2-static-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-0:2.9.1-6.el7.4.s390", product_id: "libxml2-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390", product_id: "libxml2-devel-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-static-0:2.9.1-6.el7.4.i686", product_id: "libxml2-static-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-0:2.9.1-6.el7.4.i686", product_id: "libxml2-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686", product_id: "libxml2-devel-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.src", product: { name: "libxml2-0:2.9.1-6.el7.4.src", product_id: "libxml2-0:2.9.1-6.el7.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, ], }, vulnerabilities: [ { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, ], }
RHSA-2020:1190
Vulnerability from csaf_redhat
Published
2020-03-31 20:22
Modified
2025-01-09 05:39
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)
* libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)
* libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)
* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)
* libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)
* libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for libxml2 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n* libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n* libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n* libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n* libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1190", url: "https://access.redhat.com/errata/RHSA-2020:1190", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index", }, { category: "external", summary: "1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1190.json", }, ], title: "Red Hat Security Advisory: libxml2 security update", tracking: { current_release_date: "2025-01-09T05:39:41+00:00", generator: { date: "2025-01-09T05:39:41+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2020:1190", initial_release_date: "2020-03-31T20:22:50+00:00", revision_history: [ { date: "2020-03-31T20:22:50+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-31T20:22:50+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T05:39:41+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-static-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-python-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-static-0:2.9.1-6.el7.4.s390", product_id: "libxml2-static-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-0:2.9.1-6.el7.4.s390", product_id: "libxml2-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390", product_id: "libxml2-devel-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-static-0:2.9.1-6.el7.4.i686", product_id: "libxml2-static-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-0:2.9.1-6.el7.4.i686", product_id: "libxml2-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686", product_id: "libxml2-devel-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.src", product: { name: "libxml2-0:2.9.1-6.el7.4.src", product_id: "libxml2-0:2.9.1-6.el7.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, ], }, vulnerabilities: [ { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, ], }
RHBA-2020:1539
Vulnerability from csaf_redhat
Published
2020-04-22 13:24
Modified
2025-03-15 20:39
Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container
Notes
Topic
Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container
Details
* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)
* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)
* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)
* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container", title: "Topic", }, { category: "general", text: "* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)\n* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)\n* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)\n* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2020:1539", url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_1539.json", }, ], title: "Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.5.6-1 - RHEL7 Container", tracking: { current_release_date: "2025-03-15T20:39:09+00:00", generator: { date: "2025-03-15T20:39:09+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHBA-2020:1539", initial_release_date: "2020-04-22T13:24:05+00:00", revision_history: [ { date: "2020-04-22T13:24:05+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-22T13:24:05+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-15T20:39:09+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Tower 3.5 for RHEL 7 Server", product: { name: "Red Hat Ansible Tower 3.5 for RHEL 7 Server", product_id: "7Server-Ansible-Tower-3.5", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_tower:3.5::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Tower", }, { branches: [ { category: "product_version", name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product: { name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product_id: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", product_identification_helper: { purl: "pkg:oci/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463?arch=amd64&repository_url=registry.redhat.io/ansible-tower-35/ansible-tower&tag=3.5.6-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64 as a component of Red Hat Ansible Tower 3.5 for RHEL 7 Server", product_id: "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", }, product_reference: "ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", relates_to_product_reference: "7Server-Ansible-Tower-3.5", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Ucha Gobejishvili", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2015-2716", discovery_date: "2015-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1220607", }, ], notes: [ { category: "description", text: "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.", title: "Vulnerability description", }, { category: "summary", text: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of expat package as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact, a future update may address this flaw.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-2716", }, { category: "external", summary: "RHBZ#1220607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1220607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-2716", url: "https://www.cve.org/CVERecord?id=CVE-2015-2716", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", url: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", }, ], release_date: "2015-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", }, { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-10360", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-06-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590000", }, ], notes: [ { category: "description", text: "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.", title: "Vulnerability description", }, { category: "summary", text: "file: out-of-bounds read via a crafted ELF file", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10360", }, { category: "external", summary: "RHBZ#1590000", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590000", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10360", url: "https://www.cve.org/CVERecord?id=CVE-2018-10360", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", }, ], release_date: "2018-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "file: out-of-bounds read via a crafted ELF file", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, { cve: "CVE-2018-18074", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-10-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1643829", }, ], notes: [ { category: "description", text: "A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected (302) from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker could exploit this flaw to obtain a user's valid credentials.", title: "Vulnerability description", }, { category: "summary", text: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-18074", }, { category: "external", summary: "RHBZ#1643829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1643829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-18074", url: "https://www.cve.org/CVERecord?id=CVE-2018-18074", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", }, ], release_date: "2018-06-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 2.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", }, { cve: "CVE-2018-20060", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1649153", }, ], notes: [ { category: "description", text: "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20060", }, { category: "external", summary: "RHBZ#1649153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1649153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20060", url: "https://www.cve.org/CVERecord?id=CVE-2018-20060", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", }, ], release_date: "2018-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", }, { cve: "CVE-2018-20852", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1740347", }, ], notes: [ { category: "description", text: "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.", title: "Vulnerability description", }, { category: "summary", text: "python: Cookie domain check returns incorrect results", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of python as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of python3 as shipped with Red Hat Enterprise Linux 7 and 8. This issue affects the versions of python2 and python36 as shipped with Red Hat Enterprise Linux 8.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20852", }, { category: "external", summary: "RHBZ#1740347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1740347", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20852", url: "https://www.cve.org/CVERecord?id=CVE-2018-20852", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "A potentially simple workaround in the absence of patch on affected versions is to set DomainStrict in the cookiepolicy that would make sure a literal match against domain. The disadvantage would be that cookie set on example.com would not be shared with subdomain which might break workflow.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Cookie domain check returns incorrect results", }, { acknowledgments: [ { names: [ "Ray Strode", ], organization: "The GNOME Project", }, { names: [ "Maxime Vellard", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3820", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2019-01-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669391", }, ], notes: [ { category: "description", text: "A vulnerability was found where the gnome-shell lock screen, since version 3.15.91, does not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts and potentially other actions. This vulnerability was fixed in gnome-shell 3.31.5 and 3.30.3.", title: "Vulnerability description", }, { category: "summary", text: "gnome-shell: partial lock screen bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3820", }, { category: "external", summary: "RHBZ#1669391", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669391", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3820", url: "https://www.cve.org/CVERecord?id=CVE-2019-3820", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", url: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", }, ], release_date: "2019-02-05T12:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gnome-shell: partial lock screen bypass", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, { cve: "CVE-2019-9924", cwe: { id: "CWE-138", name: "Improper Neutralization of Special Elements", }, discovery_date: "2019-03-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1691774", }, ], notes: [ { category: "description", text: "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.", title: "Vulnerability description", }, { category: "summary", text: "bash: BASH_CMD is writable in restricted bash shells", title: "Vulnerability summary", }, { category: "other", text: "Impact of the flaw set to Moderate as restricted shell shall not be used as a security feature alone, as it is very hard to configure it properly and several bypasses exist for it.\n\nThis issue did not affect the versions of bash as shipped with Red Hat Enterprise Linux 5 as they did not include support for BASH_CMDS environment variable.\n\nRed Hat Virtualization Hypervisor and Management Appliance were affected by this issue, but do not use the restricted bash shell in a way that would be exposed to attackers. Future updates may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-9924", }, { category: "external", summary: "RHBZ#1691774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-9924", url: "https://www.cve.org/CVERecord?id=CVE-2019-9924", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", }, ], release_date: "2019-03-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: BASH_CMD is writable in restricted bash shells", }, { cve: "CVE-2019-11236", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, discovery_date: "2019-04-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1700824", }, ], notes: [ { category: "description", text: "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of python-urllib3 shipped with Red Hat Gluster Storage 3, as it is vulnerable to CRLF injection.\n\nRed Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11236", }, { category: "external", summary: "RHBZ#1700824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700824", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11236", url: "https://www.cve.org/CVERecord?id=CVE-2019-11236", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", }, ], release_date: "2019-03-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", }, { cve: "CVE-2019-16056", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-09-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1749839", }, ], notes: [ { category: "description", text: "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.", title: "Vulnerability description", }, { category: "summary", text: "python: email.utils.parseaddr wrongly parses email addresses", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-16056", }, { category: "external", summary: "RHBZ#1749839", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1749839", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-16056", url: "https://www.cve.org/CVERecord?id=CVE-2019-16056", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", }, ], release_date: "2018-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: email.utils.parseaddr wrongly parses email addresses", }, { cve: "CVE-2019-17041", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766693", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17041", }, { category: "external", summary: "RHBZ#1766693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766693", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17041", url: "https://www.cve.org/CVERecord?id=CVE-2019-17041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", }, ], release_date: "2019-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", }, { cve: "CVE-2019-17042", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766700", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17042", }, { category: "external", summary: "RHBZ#1766700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766700", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17042", url: "https://www.cve.org/CVERecord?id=CVE-2019-17042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", }, ], release_date: "2019-10-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1734", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, discovery_date: "2019-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1801804", }, ], notes: [ { category: "description", text: "A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts.", title: "Vulnerability description", }, { category: "summary", text: "ansible: shell enabled by default in a pipe lookup plugin subprocess", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1734", }, { category: "external", summary: "RHBZ#1801804", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1801804", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1734", url: "https://www.cve.org/CVERecord?id=CVE-2020-1734", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1734", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1734", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "This issue can be avoided by escaping variables which are used in the lookup.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: shell enabled by default in a pipe lookup plugin subprocess", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1735", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802085", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node.", title: "Vulnerability description", }, { category: "summary", text: "ansible: path injection on dest parameter in fetch module", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1735", }, { category: "external", summary: "RHBZ#1802085", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802085", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1735", url: "https://www.cve.org/CVERecord?id=CVE-2020-1735", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1735", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1735", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the affected fetch module when possible.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 4.2, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: path injection on dest parameter in fetch module", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1736", cwe: { id: "CWE-732", name: "Incorrect Permission Assignment for Critical Resource", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802124", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This issue affects only the newly created files and not existing ones. If the file already exists at the final destination, those permissions are retained. This could lead to the disclosure of sensitive data.", title: "Vulnerability description", }, { category: "summary", text: "ansible: atomic_move primitive sets permissive permissions", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.8.14 and 2.9.12 as well as previous versions and all 2.7.x versions are affected.\n\nAnsible Tower 3.6.5 and 3.7.2 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1736", }, { category: "external", summary: "RHBZ#1802124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1736", url: "https://www.cve.org/CVERecord?id=CVE-2020-1736", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1736", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1736", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "This issue can be mitigated by specifying the \"mode\" on the task. That just leaves a race condition in place where newly created files that specify a mode in the task briefly go from 666 - umask to the final mode. An alternative workaround if many new files are created and to avoid setting a specific mode for each file would be to set the \"mode\" to \"preserve\" value. That will maintain the permissions of the source file on the controller in the final file on the managed host.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 2.2, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: atomic_move primitive sets permissive permissions", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1737", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-02-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802154", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal.", title: "Vulnerability description", }, { category: "summary", text: "ansible: Extract-Zip function in win_unzip module does not check extracted path", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1737", }, { category: "external", summary: "RHBZ#1802154", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802154", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1737", url: "https://www.cve.org/CVERecord?id=CVE-2020-1737", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1737", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1737", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the affected win_unzip module when possible.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "ansible: Extract-Zip function in win_unzip module does not check extracted path", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1738", cwe: { id: "CWE-88", name: "Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802164", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file.", title: "Vulnerability description", }, { category: "summary", text: "ansible: module package can be selected by the ansible facts", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1738", }, { category: "external", summary: "RHBZ#1802164", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802164", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1738", url: "https://www.cve.org/CVERecord?id=CVE-2020-1738", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1738", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1738", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Specify the parameter 'use' when possible on the package and service modules. Avoid using Ansible Collections on Ansible 2.8.9 or 2.7.16 (and any of the previous versions) as they are not rejecting python with no path (already fixed in 2.9.x).", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: module package can be selected by the ansible facts", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1739", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802178", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine. When a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.", title: "Vulnerability description", }, { category: "summary", text: "ansible: svn module leaks password when specified as a parameter", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1739", }, { category: "external", summary: "RHBZ#1802178", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802178", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1739", url: "https://www.cve.org/CVERecord?id=CVE-2020-1739", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1739", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1739", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Instead of using the parameter 'password' of the subversion module, provide the password with stdin.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: svn module leaks password when specified as a parameter", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-1740", cwe: { id: "CWE-377", name: "Insecure Temporary File", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1802193", }, ], notes: [ { category: "description", text: "A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes \"ansible-vault edit\", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and the method write_data is called to write the existing secret in the file. This method will delete the file before recreating it insecurely.", title: "Vulnerability description", }, { category: "summary", text: "ansible: secrets readable after ansible-vault edit", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1740", }, { category: "external", summary: "RHBZ#1802193", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1802193", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1740", url: "https://www.cve.org/CVERecord?id=CVE-2020-1740", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1740", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1740", }, ], release_date: "2020-02-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except avoid using the 'edit' option from 'ansible-vault' command line tool.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: secrets readable after ansible-vault edit", }, { acknowledgments: [ { names: [ "Felix Fountein", ], }, ], cve: "CVE-2020-1746", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, discovery_date: "2019-12-16T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1805491", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine when the ldap_attr and ldap_entry community modules are used. The issue discloses the LDAP bind password to stdout or a log file if a playbook task is written using the bind_pw in the parameters field. The highest threat from this vulnerability is data confidentiality.", title: "Vulnerability description", }, { category: "summary", text: "ansible: Information disclosure issue in ldap_attr and ldap_entry modules", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\n* Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains their own version of Ansible. The fix will be provided from core Ansible. But we still ship ansible separately for ceph ubuntu.\n\n* In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1746", }, { category: "external", summary: "RHBZ#1805491", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1805491", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1746", url: "https://www.cve.org/CVERecord?id=CVE-2020-1746", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1746", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1746", }, ], release_date: "2020-02-28T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Using args keyword and embedding the ldap_auth variable instead of using bind_pw parameter would mitigate this issue.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "ansible: Information disclosure issue in ldap_attr and ldap_entry modules", }, { acknowledgments: [ { names: [ "Abhijeet Kasurde", ], organization: "Red Hat", summary: "This issue was discovered by Red Hat.", }, ], cve: "CVE-2020-1753", cwe: { id: "CWE-532", name: "Insertion of Sensitive Information into Log File", }, discovery_date: "2020-03-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1811008", }, ], notes: [ { category: "description", text: "A security flaw was found in the Ansible Engine when managing Kubernetes using the k8s connection plugin. Sensitive parameters such as passwords and tokens are passed to the kubectl command line instead of using environment variables or an input configuration file, which is safer. This flaw discloses passwords and tokens from the process list, and the no_log directive from the debug module would not be reflected in the underlying command-line tools options, displaying passwords and tokens on stdout and log files.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: kubectl connection plugin leaks sensitive information", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.7.17, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\nAnsible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\nIn Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-1753", }, { category: "external", summary: "RHBZ#1811008", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1811008", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-1753", url: "https://www.cve.org/CVERecord?id=CVE-2020-1753", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-1753", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-1753", }, ], release_date: "2020-03-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: kubectl connection plugin leaks sensitive information", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-10684", cwe: { id: "CWE-862", name: "Missing Authorization", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1815519", }, ], notes: [ { category: "description", text: "A flaw was found in the Ansible Engine. When using ansible_facts as a subkey of itself, and promoting it to a variable when injecting is enabled, overwriting the ansible_facts after the clean, an attacker could take advantage of this by altering the ansible_facts leading to privilege escalation or code injection. The highest threat from this vulnerability are to data integrity and system availability.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: code injection when using ansible_facts as a subkey", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n* Red Hat Gluster Storage and Red Hat Ceph Storage no longer maintains their own version of Ansible. The fix will be consumed from core Ansible. But we still ship ansible separately for ceph ubuntu.\n* Red Hat OpenStack Platform does package the affected code. However, because RHOSP does not use ansible_facts as a subkey directly, the RHOSP impact has been reduced to Moderate and no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10684", }, { category: "external", summary: "RHBZ#1815519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1815519", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10684", url: "https://www.cve.org/CVERecord?id=CVE-2020-10684", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10684", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10684", }, ], release_date: "2020-03-23T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is not a known mitigation except avoiding the functionality of using ansible_facts as a subkey.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.9, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "Ansible: code injection when using ansible_facts as a subkey", }, { acknowledgments: [ { names: [ "Damien Aumaitre", "Nicolas Surbayrole", ], organization: "Quarkslab", }, ], cve: "CVE-2020-10685", cwe: { id: "CWE-459", name: "Incomplete Cleanup", }, discovery_date: "2020-01-21T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1814627", }, ], notes: [ { category: "description", text: "A flaw was found on Ansible Engine when using modules which decrypts vault files such as assemble, script, unarchive, win_copy, aws_s3 or copy modules. The temporary directory is created in /tmp leaves the secrets unencrypted.\r\n\r\nOn Operating Systems which /tmp is not a tmpfs but part of the root partition, the directory is only cleared on boot and the decrypted data remains when the host is switched off. The system will be vulnerable when the system is not running. So decrypted data must be cleared as soon as possible and the data which normally is encrypted is sensible.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: modules which use files encrypted with vault are not properly cleaned up", title: "Vulnerability summary", }, { category: "other", text: "* Ansible Engine 2.7.16, 2.8.10, and 2.9.6 as well as previous versions are affected.\n\n* Ansible Tower 3.4.5, 3.5.5 and 3.6.3 as well as previous versions are affected.\n\n* In Red Hat OpenStack Platform, because the flaw has a lower impact, ansible is not directly customer exposed, and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP ansible package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10685", }, { category: "external", summary: "RHBZ#1814627", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1814627", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10685", url: "https://www.cve.org/CVERecord?id=CVE-2020-10685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10685", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10685", }, ], release_date: "2020-03-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:24:05+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1539", }, { category: "workaround", details: "Currently, there is no mitigation for this issue except by removing manually the temporary created file after every run.", product_ids: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.5:ansible-tower-35/ansible-tower@sha256:d1f358079de0367d7b2462b4eae113251b7d29c218d19c6fb57b6ebc72769463_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: modules which use files encrypted with vault are not properly cleaned up", }, ], }
RHSA-2018:0287
Vulnerability from csaf_redhat
Published
2018-02-08 12:39
Modified
2025-01-09 05:39
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 4 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1,2 and 3), which are documented in the Release Notes document linked to in the References.
Security Fix(es):
Details around this issue, including information about the CVE, severity of the issue, and the CVSS score can be found on the CVE page listed in the Reference section below.
* chromium-browser: use after free in libxml (CVE-2017-15412, Important)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 4 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1,2 and 3), which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\nDetails around this issue, including information about the CVE, severity of the issue, and the CVSS score can be found on the CVE page listed in the Reference section below.\n\n* chromium-browser: use after free in libxml (CVE-2017-15412, Important)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:0287", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2017-15412", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.23", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.23", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0287.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update", tracking: { current_release_date: "2025-01-09T05:39:00+00:00", generator: { date: "2025-01-09T05:39:00+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.5", }, }, id: "RHSA-2018:0287", initial_release_date: "2018-02-08T12:39:22+00:00", revision_history: [ { date: "2018-02-08T12:39:22+00:00", number: "1", summary: "Initial version", }, { date: "2018-02-08T12:39:22+00:00", number: "2", summary: "Last updated version", }, { date: "2025-01-09T05:39:00+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Text-Only JBCS", product: { name: "Text-Only JBCS", product_id: "Text-Only JBCS", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Text-Only JBCS", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-02-08T12:39:22+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.", product_ids: [ "Text-Only JBCS", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:0287", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Text-Only JBCS", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, ], }
rhsa-2018_0287
Vulnerability from csaf_redhat
Published
2018-02-08 12:39
Modified
2024-11-14 21:48
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 4 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1,2 and 3), which are documented in the Release Notes document linked to in the References.
Security Fix(es):
Details around this issue, including information about the CVE, severity of the issue, and the CVSS score can be found on the CVE page listed in the Reference section below.
* chromium-browser: use after free in libxml (CVE-2017-15412, Important)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 4 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1,2 and 3), which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\nDetails around this issue, including information about the CVE, severity of the issue, and the CVSS score can be found on the CVE page listed in the Reference section below.\n\n* chromium-browser: use after free in libxml (CVE-2017-15412, Important)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2018:0287", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#important", url: "https://access.redhat.com/security/updates/classification/#important", }, { category: "external", summary: "https://access.redhat.com/security/cve/CVE-2017-15412", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.23", url: "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp&downloadType=securityPatches&version=2.4.23", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0287.json", }, ], title: "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update", tracking: { current_release_date: "2024-11-14T21:48:14+00:00", generator: { date: "2024-11-14T21:48:14+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2018:0287", initial_release_date: "2018-02-08T12:39:22+00:00", revision_history: [ { date: "2018-02-08T12:39:22+00:00", number: "1", summary: "Initial version", }, { date: "2018-02-08T12:39:22+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T21:48:14+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat JBoss Core Services 1", product: { name: "Red Hat JBoss Core Services 1", product_id: "Red Hat JBoss Core Services 1", product_identification_helper: { cpe: "cpe:/a:redhat:jboss_core_services:1", }, }, }, ], category: "product_family", name: "Red Hat JBoss Core Services", }, ], category: "vendor", name: "Red Hat", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "Red Hat JBoss Core Services 1", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2018-02-08T12:39:22+00:00", details: "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.", product_ids: [ "Red Hat JBoss Core Services 1", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2018:0287", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "Red Hat JBoss Core Services 1", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, ], }
rhba-2020:1540
Vulnerability from csaf_redhat
Published
2020-04-22 13:21
Modified
2025-03-15 20:39
Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container
Notes
Topic
Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container
Details
* Added additional metrics to the Prometheus /api/v2/metrics/ endpoint for reporting remaining instance capacity
* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)
* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)
* Fixed event hostnames to be recorded for playbooks run on isolated nodes
* Fixed a PostgreSQL issue that caused upgrade failures in certain situations
* Fixed the search for Source Control credentials in the Tower user interface
* Fixed a performance issue to no longer delay the output of project updates for certain users
* Fixed the installations to no longer fail with admin passwords that contain certain special characters
* Fixed the start time to correctly set for approval notifications
* Fixed an inconsistency in gathered inventory analytics
* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)
* Updated single sign-on integration to address several upcoming GitHub API deprecations
* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109
* Updated translations
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container", title: "Topic", }, { category: "general", text: "* Added additional metrics to the Prometheus /api/v2/metrics/ endpoint for reporting remaining instance capacity\n* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)\n* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)\n* Fixed event hostnames to be recorded for playbooks run on isolated nodes\n* Fixed a PostgreSQL issue that caused upgrade failures in certain situations\n* Fixed the search for Source Control credentials in the Tower user interface\n* Fixed a performance issue to no longer delay the output of project updates for certain users\n* Fixed the installations to no longer fail with admin passwords that contain certain special characters\n* Fixed the start time to correctly set for approval notifications\n* Fixed an inconsistency in gathered inventory analytics\n* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)\n* Updated single sign-on integration to address several upcoming GitHub API deprecations\n* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109\n* Updated translations", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2020:1540", url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_1540.json", }, ], title: "Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container", tracking: { current_release_date: "2025-03-15T20:39:18+00:00", generator: { date: "2025-03-15T20:39:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.4.1", }, }, id: "RHBA-2020:1540", initial_release_date: "2020-04-22T13:21:59+00:00", revision_history: [ { date: "2020-04-22T13:21:59+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-22T13:21:59+00:00", number: "2", summary: "Last updated version", }, { date: "2025-03-15T20:39:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Tower 3.6 for RHEL 7", product: { name: "Red Hat Ansible Tower 3.6 for RHEL 7", product_id: "7Server-Ansible-Tower-3.6", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_tower:3.6::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Tower", }, { branches: [ { category: "product_version", name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product: { name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product_id: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product_identification_helper: { purl: "pkg:oci/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f?arch=amd64&repository_url=registry.redhat.io/ansible-tower-36/ansible-tower&tag=3.6.4-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64 as a component of Red Hat Ansible Tower 3.6 for RHEL 7", product_id: "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", }, product_reference: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", relates_to_product_reference: "7Server-Ansible-Tower-3.6", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Ucha Gobejishvili", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2015-2716", discovery_date: "2015-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1220607", }, ], notes: [ { category: "description", text: "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.", title: "Vulnerability description", }, { category: "summary", text: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of expat package as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact, a future update may address this flaw.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-2716", }, { category: "external", summary: "RHBZ#1220607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1220607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-2716", url: "https://www.cve.org/CVERecord?id=CVE-2015-2716", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", url: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", }, ], release_date: "2015-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", }, { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-10360", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-06-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590000", }, ], notes: [ { category: "description", text: "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.", title: "Vulnerability description", }, { category: "summary", text: "file: out-of-bounds read via a crafted ELF file", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10360", }, { category: "external", summary: "RHBZ#1590000", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590000", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10360", url: "https://www.cve.org/CVERecord?id=CVE-2018-10360", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", }, ], release_date: "2018-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "file: out-of-bounds read via a crafted ELF file", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, { cve: "CVE-2018-18074", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-10-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1643829", }, ], notes: [ { category: "description", text: "A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected (302) from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker could exploit this flaw to obtain a user's valid credentials.", title: "Vulnerability description", }, { category: "summary", text: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-18074", }, { category: "external", summary: "RHBZ#1643829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1643829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-18074", url: "https://www.cve.org/CVERecord?id=CVE-2018-18074", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", }, ], release_date: "2018-06-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 2.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", }, { cve: "CVE-2018-20060", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1649153", }, ], notes: [ { category: "description", text: "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20060", }, { category: "external", summary: "RHBZ#1649153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1649153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20060", url: "https://www.cve.org/CVERecord?id=CVE-2018-20060", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", }, ], release_date: "2018-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", }, { cve: "CVE-2018-20852", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1740347", }, ], notes: [ { category: "description", text: "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.", title: "Vulnerability description", }, { category: "summary", text: "python: Cookie domain check returns incorrect results", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of python as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of python3 as shipped with Red Hat Enterprise Linux 7 and 8. This issue affects the versions of python2 and python36 as shipped with Red Hat Enterprise Linux 8.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20852", }, { category: "external", summary: "RHBZ#1740347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1740347", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20852", url: "https://www.cve.org/CVERecord?id=CVE-2018-20852", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "A potentially simple workaround in the absence of patch on affected versions is to set DomainStrict in the cookiepolicy that would make sure a literal match against domain. The disadvantage would be that cookie set on example.com would not be shared with subdomain which might break workflow.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Cookie domain check returns incorrect results", }, { acknowledgments: [ { names: [ "Ray Strode", ], organization: "The GNOME Project", }, { names: [ "Maxime Vellard", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3820", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2019-01-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669391", }, ], notes: [ { category: "description", text: "A vulnerability was found where the gnome-shell lock screen, since version 3.15.91, does not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts and potentially other actions. This vulnerability was fixed in gnome-shell 3.31.5 and 3.30.3.", title: "Vulnerability description", }, { category: "summary", text: "gnome-shell: partial lock screen bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3820", }, { category: "external", summary: "RHBZ#1669391", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669391", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3820", url: "https://www.cve.org/CVERecord?id=CVE-2019-3820", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", url: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", }, ], release_date: "2019-02-05T12:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gnome-shell: partial lock screen bypass", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, { cve: "CVE-2019-9924", cwe: { id: "CWE-138", name: "Improper Neutralization of Special Elements", }, discovery_date: "2019-03-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1691774", }, ], notes: [ { category: "description", text: "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.", title: "Vulnerability description", }, { category: "summary", text: "bash: BASH_CMD is writable in restricted bash shells", title: "Vulnerability summary", }, { category: "other", text: "Impact of the flaw set to Moderate as restricted shell shall not be used as a security feature alone, as it is very hard to configure it properly and several bypasses exist for it.\n\nThis issue did not affect the versions of bash as shipped with Red Hat Enterprise Linux 5 as they did not include support for BASH_CMDS environment variable.\n\nRed Hat Virtualization Hypervisor and Management Appliance were affected by this issue, but do not use the restricted bash shell in a way that would be exposed to attackers. Future updates may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-9924", }, { category: "external", summary: "RHBZ#1691774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-9924", url: "https://www.cve.org/CVERecord?id=CVE-2019-9924", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", }, ], release_date: "2019-03-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: BASH_CMD is writable in restricted bash shells", }, { cve: "CVE-2019-11236", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, discovery_date: "2019-04-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1700824", }, ], notes: [ { category: "description", text: "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of python-urllib3 shipped with Red Hat Gluster Storage 3, as it is vulnerable to CRLF injection.\n\nRed Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11236", }, { category: "external", summary: "RHBZ#1700824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700824", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11236", url: "https://www.cve.org/CVERecord?id=CVE-2019-11236", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", }, ], release_date: "2019-03-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", }, { cve: "CVE-2019-16056", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-09-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1749839", }, ], notes: [ { category: "description", text: "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.", title: "Vulnerability description", }, { category: "summary", text: "python: email.utils.parseaddr wrongly parses email addresses", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-16056", }, { category: "external", summary: "RHBZ#1749839", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1749839", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-16056", url: "https://www.cve.org/CVERecord?id=CVE-2019-16056", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", }, ], release_date: "2018-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: email.utils.parseaddr wrongly parses email addresses", }, { cve: "CVE-2019-17041", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766693", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17041", }, { category: "external", summary: "RHBZ#1766693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766693", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17041", url: "https://www.cve.org/CVERecord?id=CVE-2019-17041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", }, ], release_date: "2019-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", }, { cve: "CVE-2019-17042", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766700", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17042", }, { category: "external", summary: "RHBZ#1766700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766700", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17042", url: "https://www.cve.org/CVERecord?id=CVE-2019-17042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", }, ], release_date: "2019-10-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", }, { acknowledgments: [ { names: [ "Felix Fountein", ], }, ], cve: "CVE-2020-10691", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1817161", }, ], notes: [ { category: "description", text: "An archive traversal flaw was found in Ansible Engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: archive traversal vulnerability in ansible-galaxy collection install", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.9.6 as well as previous 2.9.x versions are affected. Ansible versions less than or equal to 2.8 are not affected by this vulnerability as this functionality was introduced on 2.9.\n\nAnsible Tower 3.6.3 as well as previous 3.6.x versions are affected as they use ansible-galaxy collections.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "RHBZ#1817161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1817161", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10691", url: "https://www.cve.org/CVERecord?id=CVE-2020-10691", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10691", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10691", }, ], release_date: "2020-03-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "A possible mitigation of archive traversal issue could be done by restricting file access control and directory write accesses for extracting tarball files. This is feasible only for scenarios when the destination path could be known and enforced beforehand.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: archive traversal vulnerability in ansible-galaxy collection install", }, { acknowledgments: [ { names: [ "Rihards Olups", ], }, ], cve: "CVE-2020-10729", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, discovery_date: "2020-05-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1831089", }, ], notes: [ { category: "description", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: two random password lookups in same task return same value", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "RHBZ#1831089", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10729", url: "https://www.cve.org/CVERecord?id=CVE-2020-10729", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", }, { category: "external", summary: "https://github.com/ansible/ansible/issues/34144", url: "https://github.com/ansible/ansible/issues/34144", }, ], release_date: "2017-12-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: two random password lookups in same task return same value", }, ], }
rhsa-2020_1190
Vulnerability from csaf_redhat
Published
2020-03-31 20:22
Modified
2024-11-22 14:13
Summary
Red Hat Security Advisory: libxml2 security update
Notes
Topic
An update for libxml2 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The libxml2 library is a development toolbox providing the implementation of various XML standards.
Security Fix(es):
* libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)
* libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)
* libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)
* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)
* libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)
* libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for libxml2 is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "The libxml2 library is a development toolbox providing the implementation of various XML standards.\n\nSecurity Fix(es):\n\n* libxml2: Use after free triggered by XPointer paths beginning with range-to (CVE-2016-5131)\n\n* libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c (CVE-2017-15412)\n\n* libxml2: DoS caused by incorrect error detection during XZ decompression (CVE-2015-8035)\n\n* libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c (CVE-2018-14404)\n\n* libxml2: Unrestricted memory usage in xz_head() function in xzlib.c (CVE-2017-18258)\n\n* libxml2: Infinite loop caused by incorrect error detection during LZMA decompression (CVE-2018-14567)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2020:1190", url: "https://access.redhat.com/errata/RHSA-2020:1190", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index", }, { category: "external", summary: "1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1190.json", }, ], title: "Red Hat Security Advisory: libxml2 security update", tracking: { current_release_date: "2024-11-22T14:13:51+00:00", generator: { date: "2024-11-22T14:13:51+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2020:1190", initial_release_date: "2020-03-31T20:22:50+00:00", revision_history: [ { date: "2020-03-31T20:22:50+00:00", number: "1", summary: "Initial version", }, { date: "2020-03-31T20:22:50+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:13:51+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Client (v. 7)", product: { name: "Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Client Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::client", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product: { name: "Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::computenode", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server (v. 7)", product: { name: "Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::server", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product: { name: "Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:7::workstation", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-static-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-devel-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=s390x", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.s390x", product: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x", product_id: "libxml2-python-0:2.9.1-6.el7.4.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-static-0:2.9.1-6.el7.4.s390", product_id: "libxml2-static-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-0:2.9.1-6.el7.4.s390", product_id: "libxml2-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=s390", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.s390", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390", product_id: "libxml2-devel-0:2.9.1-6.el7.4.s390", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=s390", }, }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-static-0:2.9.1-6.el7.4.i686", product_id: "libxml2-static-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-0:2.9.1-6.el7.4.i686", product_id: "libxml2-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=i686", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.i686", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686", product_id: "libxml2-devel-0:2.9.1-6.el7.4.i686", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-static-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=x86_64", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product_id: "libxml2-python-0:2.9.1-6.el7.4.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc64", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product_id: "libxml2-python-0:2.9.1-6.el7.4.ppc64", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=ppc64", }, }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc", }, }, }, ], category: "architecture", name: "ppc", }, { branches: [ { category: "product_version", name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-static@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-debuginfo@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-devel@2.9.1-6.el7.4?arch=ppc64le", }, }, }, { category: "product_version", name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product_id: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2-python@2.9.1-6.el7.4?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "libxml2-0:2.9.1-6.el7.4.src", product: { name: "libxml2-0:2.9.1-6.el7.4.src", product_id: "libxml2-0:2.9.1-6.el7.4.src", product_identification_helper: { purl: "pkg:rpm/redhat/libxml2@2.9.1-6.el7.4?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)", product_id: "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)", product_id: "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Client-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode (v. 7)", product_id: "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)", product_id: "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7ComputeNode-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)", product_id: "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)", product_id: "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Server-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)", product_id: "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", }, product_reference: "libxml2-0:2.9.1-6.el7.4.src", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-devel-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-devel-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-python-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-python-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.i686", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.ppc64le", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.s390x", relates_to_product_reference: "7Workstation-optional-7.8", }, { category: "default_component_of", full_product_name: { name: "libxml2-static-0:2.9.1-6.el7.4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)", product_id: "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", }, product_reference: "libxml2-static-0:2.9.1-6.el7.4.x86_64", relates_to_product_reference: "7Workstation-optional-7.8", }, ], }, vulnerabilities: [ { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-03-31T20:22:50+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe desktop must be restarted (log out, then log back in) for this update to take effect.", product_ids: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2020:1190", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Client-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Client-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Client-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7ComputeNode-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7ComputeNode-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Server-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Server-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.src", "7Workstation-optional-7.8:libxml2-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-debuginfo-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-devel-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-python-0:2.9.1-6.el7.4.x86_64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.i686", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.ppc64le", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.s390x", "7Workstation-optional-7.8:libxml2-static-0:2.9.1-6.el7.4.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, ], }
rhba-2020_1540
Vulnerability from csaf_redhat
Published
2020-04-22 13:21
Modified
2024-11-22 14:31
Summary
Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container
Notes
Topic
Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container
Details
* Added additional metrics to the Prometheus /api/v2/metrics/ endpoint for reporting remaining instance capacity
* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)
* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)
* Fixed event hostnames to be recorded for playbooks run on isolated nodes
* Fixed a PostgreSQL issue that caused upgrade failures in certain situations
* Fixed the search for Source Control credentials in the Tower user interface
* Fixed a performance issue to no longer delay the output of project updates for certain users
* Fixed the installations to no longer fail with admin passwords that contain certain special characters
* Fixed the start time to correctly set for approval notifications
* Fixed an inconsistency in gathered inventory analytics
* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)
* Updated single sign-on integration to address several upcoming GitHub API deprecations
* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109
* Updated translations
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container", title: "Topic", }, { category: "general", text: "* Added additional metrics to the Prometheus /api/v2/metrics/ endpoint for reporting remaining instance capacity\n* Fixed Tower to allow users to subscribe to playbook output in organizations they do not have RBAC access to via Towers websocket interface (CVE-2020-10698)\n* Fixed OAuth2 refresh tokens to properly respect custom expiration settings (CVE-2020-10709)\n* Fixed event hostnames to be recorded for playbooks run on isolated nodes\n* Fixed a PostgreSQL issue that caused upgrade failures in certain situations\n* Fixed the search for Source Control credentials in the Tower user interface\n* Fixed a performance issue to no longer delay the output of project updates for certain users\n* Fixed the installations to no longer fail with admin passwords that contain certain special characters\n* Fixed the start time to correctly set for approval notifications\n* Fixed an inconsistency in gathered inventory analytics\n* Improved memcached in OpenShift deployments to listen on a more secure domain socket (CVE-2020-10697)\n* Updated single sign-on integration to address several upcoming GitHub API deprecations\n* Updated the Twisted library to address CVE-2020-10108 and CVE-2020-10109\n* Updated translations", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHBA-2020:1540", url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_1540.json", }, ], title: "Red Hat Bug Fix Advisory: Red Hat Ansible Tower 3.6.4-1 - RHEL7 Container", tracking: { current_release_date: "2024-11-22T14:31:18+00:00", generator: { date: "2024-11-22T14:31:18+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHBA-2020:1540", initial_release_date: "2020-04-22T13:21:59+00:00", revision_history: [ { date: "2020-04-22T13:21:59+00:00", number: "1", summary: "Initial version", }, { date: "2020-04-22T13:21:59+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T14:31:18+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Ansible Tower 3.6 for RHEL 7", product: { name: "Red Hat Ansible Tower 3.6 for RHEL 7", product_id: "7Server-Ansible-Tower-3.6", product_identification_helper: { cpe: "cpe:/a:redhat:ansible_tower:3.6::el7", }, }, }, ], category: "product_family", name: "Red Hat Ansible Tower", }, { branches: [ { category: "product_version", name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product: { name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product_id: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", product_identification_helper: { purl: "pkg:oci/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f?arch=amd64&repository_url=registry.redhat.io/ansible-tower-36/ansible-tower&tag=3.6.4-1", }, }, }, ], category: "architecture", name: "amd64", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64 as a component of Red Hat Ansible Tower 3.6 for RHEL 7", product_id: "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", }, product_reference: "ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", relates_to_product_reference: "7Server-Ansible-Tower-3.6", }, ], }, vulnerabilities: [ { acknowledgments: [ { names: [ "Mozilla project", ], }, { names: [ "Ucha Gobejishvili", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2015-2716", discovery_date: "2015-05-12T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1220607", }, ], notes: [ { category: "description", text: "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.", title: "Vulnerability description", }, { category: "summary", text: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of expat package as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact, a future update may address this flaw.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Cycle phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-2716", }, { category: "external", summary: "RHBZ#1220607", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1220607", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-2716", url: "https://www.cve.org/CVERecord?id=CVE-2015-2716", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-2716", }, { category: "external", summary: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", url: "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", }, ], release_date: "2015-05-12T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "expat: Integer overflow leading to buffer overflow in XML_GetBuffer()", }, { cve: "CVE-2015-8035", cwe: { id: "CWE-252", name: "Unchecked Return Value", }, discovery_date: "2015-11-02T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1277146", }, ], notes: [ { category: "description", text: "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: DoS caused by incorrect error detection during XZ decompression", title: "Vulnerability summary", }, { category: "other", text: "This issue did not affect the versions of libxml2 as shipped with Red Hat Enterprise Linux 5 and 6 as they did not include support for LZMA compression support.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2015-8035", }, { category: "external", summary: "RHBZ#1277146", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1277146", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2015-8035", url: "https://www.cve.org/CVERecord?id=CVE-2015-8035", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-8035", }, ], release_date: "2015-11-02T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: DoS caused by incorrect error detection during XZ decompression", }, { cve: "CVE-2016-5131", discovery_date: "2016-07-20T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1358641", }, ], notes: [ { category: "description", text: "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free triggered by XPointer paths beginning with range-to", title: "Vulnerability summary", }, { category: "other", text: "This flaw in libxml2 requires exposing the library to XPath/XPointer expressions from an untrusted source, which is not common in practice for applications using libxml2. For libxml2, Red Hat Product Security has rated this vulnerability as Moderate severity.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2016-5131", }, { category: "external", summary: "RHBZ#1358641", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1358641", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2016-5131", url: "https://www.cve.org/CVERecord?id=CVE-2016-5131", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", url: "https://nvd.nist.gov/vuln/detail/CVE-2016-5131", }, { category: "external", summary: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", url: "https://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html", }, ], release_date: "2016-07-20T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free triggered by XPointer paths beginning with range-to", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-18258", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-04-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1566749", }, ], notes: [ { category: "description", text: "The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-18258", }, { category: "external", summary: "RHBZ#1566749", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1566749", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-18258", url: "https://www.cve.org/CVERecord?id=CVE-2017-18258", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-18258", }, ], release_date: "2017-09-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 3.5, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Unrestricted memory usage in xz_head() function in xzlib.c", }, { cve: "CVE-2018-10360", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, discovery_date: "2018-06-11T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1590000", }, ], notes: [ { category: "description", text: "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.", title: "Vulnerability description", }, { category: "summary", text: "file: out-of-bounds read via a crafted ELF file", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-10360", }, { category: "external", summary: "RHBZ#1590000", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1590000", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-10360", url: "https://www.cve.org/CVERecord?id=CVE-2018-10360", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-10360", }, ], release_date: "2018-06-09T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "LOW", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "file: out-of-bounds read via a crafted ELF file", }, { cve: "CVE-2018-14404", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, discovery_date: "2018-06-28T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1595985", }, ], notes: [ { category: "description", text: "A null pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 when parsing invalid XPath expression. Applications processing untrusted XSL format inputs with the use of libxml2 library may be vulnerable to denial of service attack due to crash of the application.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 5. Red Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 6. Red Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of libxml2 as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14404", }, { category: "external", summary: "RHBZ#1595985", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1595985", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14404", url: "https://www.cve.org/CVERecord?id=CVE-2018-14404", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14404", }, ], release_date: "2018-06-18T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c", }, { cve: "CVE-2018-14567", cwe: { id: "CWE-400", name: "Uncontrolled Resource Consumption", }, discovery_date: "2018-08-17T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1619875", }, ], notes: [ { category: "description", text: "libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Product Security has rated this flaw as having Low impact. A future update may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-14567", }, { category: "external", summary: "RHBZ#1619875", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1619875", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-14567", url: "https://www.cve.org/CVERecord?id=CVE-2018-14567", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-14567", }, ], release_date: "2018-04-03T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "libxml2: Infinite loop caused by incorrect error detection during LZMA decompression", }, { cve: "CVE-2018-18074", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-10-10T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1643829", }, ], notes: [ { category: "description", text: "A credentials-exposure flaw was found in python-requests, where if a request with authentication is redirected (302) from an HTTPS endpoint to an HTTP endpoint on the same host, the Authorization header is not stripped and the credentials can be read in plain text. A man-in-the-middle attacker could exploit this flaw to obtain a user's valid credentials.", title: "Vulnerability description", }, { category: "summary", text: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-18074", }, { category: "external", summary: "RHBZ#1643829", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1643829", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-18074", url: "https://www.cve.org/CVERecord?id=CVE-2018-18074", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-18074", }, ], release_date: "2018-06-29T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "ADJACENT_NETWORK", availabilityImpact: "NONE", baseScore: 2.6, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "python-requests: Redirect from HTTPS to HTTP does not remove Authorization header", }, { cve: "CVE-2018-20060", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, discovery_date: "2018-11-08T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1649153", }, ], notes: [ { category: "description", text: "urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", title: "Vulnerability summary", }, { category: "other", text: "Red Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20060", }, { category: "external", summary: "RHBZ#1649153", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1649153", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20060", url: "https://www.cve.org/CVERecord?id=CVE-2018-20060", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20060", }, ], release_date: "2018-03-26T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "Use `retries=urllib3.Retry(redirect=0)` when performing requests if you do not need redirection and handle the redirects manually if you need them.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure", }, { cve: "CVE-2018-20852", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-07-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1740347", }, ], notes: [ { category: "description", text: "http.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.", title: "Vulnerability description", }, { category: "summary", text: "python: Cookie domain check returns incorrect results", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the versions of python as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of python3 as shipped with Red Hat Enterprise Linux 7 and 8. This issue affects the versions of python2 and python36 as shipped with Red Hat Enterprise Linux 8.\n\nRed Hat Enterprise Linux 5 is now in Extended Life Phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nRed Hat Enterprise Linux 6 is now in Maintenance Support 2 Phase of the support and maintenance life cycle. This has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20852", }, { category: "external", summary: "RHBZ#1740347", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1740347", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20852", url: "https://www.cve.org/CVERecord?id=CVE-2018-20852", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20852", }, ], release_date: "2018-10-31T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "A potentially simple workaround in the absence of patch on affected versions is to set DomainStrict in the cookiepolicy that would make sure a literal match against domain. The disadvantage would be that cookie set on example.com would not be shared with subdomain which might break workflow.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: Cookie domain check returns incorrect results", }, { acknowledgments: [ { names: [ "Ray Strode", ], organization: "The GNOME Project", }, { names: [ "Maxime Vellard", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-3820", cwe: { id: "CWE-285", name: "Improper Authorization", }, discovery_date: "2019-01-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1669391", }, ], notes: [ { category: "description", text: "A vulnerability was found where the gnome-shell lock screen, since version 3.15.91, does not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts and potentially other actions. This vulnerability was fixed in gnome-shell 3.31.5 and 3.30.3.", title: "Vulnerability description", }, { category: "summary", text: "gnome-shell: partial lock screen bypass", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-3820", }, { category: "external", summary: "RHBZ#1669391", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1669391", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-3820", url: "https://www.cve.org/CVERecord?id=CVE-2019-3820", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-3820", }, { category: "external", summary: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", url: "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851", }, ], release_date: "2019-02-05T12:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "LOW", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "gnome-shell: partial lock screen bypass", }, { acknowledgments: [ { names: [ "the Curl project", ], }, { names: [ "l00p3r", ], summary: "Acknowledged by upstream.", }, ], cve: "CVE-2019-5436", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-05-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1710620", }, ], notes: [ { category: "description", text: "A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.", title: "Vulnerability description", }, { category: "summary", text: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", title: "Vulnerability summary", }, { category: "other", text: "This flaw exists if the user selects to use a \"blksize\" of 504 or smaller (default is 512). The smaller size that is used, the larger the possible overflow becomes.\nUsers choosing a smaller size than default should be rare as the primary use case for changing the size is to make it larger. It is rare for users to use TFTP across the Internet. It is most commonly used within local networks.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-5436", }, { category: "external", summary: "RHBZ#1710620", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1710620", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-5436", url: "https://www.cve.org/CVERecord?id=CVE-2019-5436", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-5436", }, { category: "external", summary: "https://curl.haxx.se/docs/CVE-2019-5436.html", url: "https://curl.haxx.se/docs/CVE-2019-5436.html", }, ], release_date: "2019-05-22T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "curl: TFTP receive heap buffer overflow in tftp_receive_packet() function", }, { cve: "CVE-2019-9924", cwe: { id: "CWE-138", name: "Improper Neutralization of Special Elements", }, discovery_date: "2019-03-22T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1691774", }, ], notes: [ { category: "description", text: "rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.", title: "Vulnerability description", }, { category: "summary", text: "bash: BASH_CMD is writable in restricted bash shells", title: "Vulnerability summary", }, { category: "other", text: "Impact of the flaw set to Moderate as restricted shell shall not be used as a security feature alone, as it is very hard to configure it properly and several bypasses exist for it.\n\nThis issue did not affect the versions of bash as shipped with Red Hat Enterprise Linux 5 as they did not include support for BASH_CMDS environment variable.\n\nRed Hat Virtualization Hypervisor and Management Appliance were affected by this issue, but do not use the restricted bash shell in a way that would be exposed to attackers. Future updates may address this issue.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-9924", }, { category: "external", summary: "RHBZ#1691774", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691774", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-9924", url: "https://www.cve.org/CVERecord?id=CVE-2019-9924", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-9924", }, ], release_date: "2019-03-07T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "bash: BASH_CMD is writable in restricted bash shells", }, { cve: "CVE-2019-11236", cwe: { id: "CWE-113", name: "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')", }, discovery_date: "2019-04-15T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1700824", }, ], notes: [ { category: "description", text: "In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.", title: "Vulnerability description", }, { category: "summary", text: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the version of python-urllib3 shipped with Red Hat Gluster Storage 3, as it is vulnerable to CRLF injection.\n\nRed Hat Satellite 6.2 is on Maintenance Support 2 phase, hence only selected critical and important issues will be fixed. Please refer to Red Hat Satellite Product Life Cycle page for more information.\n\nIn Red Hat OpenStack Platform 13, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-11236", }, { category: "external", summary: "RHBZ#1700824", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1700824", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-11236", url: "https://www.cve.org/CVERecord?id=CVE-2019-11236", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-11236", }, ], release_date: "2019-03-13T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python-urllib3: CRLF injection due to not encoding the '\\r\\n' sequence leading to possible attack on internal service", }, { cve: "CVE-2019-16056", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-09-06T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1749839", }, ], notes: [ { category: "description", text: "An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.", title: "Vulnerability description", }, { category: "summary", text: "python: email.utils.parseaddr wrongly parses email addresses", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-16056", }, { category: "external", summary: "RHBZ#1749839", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1749839", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-16056", url: "https://www.cve.org/CVERecord?id=CVE-2019-16056", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-16056", }, ], release_date: "2018-07-19T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "python: email.utils.parseaddr wrongly parses email addresses", }, { cve: "CVE-2019-17041", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766693", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon) but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17041", }, { category: "external", summary: "RHBZ#1766693", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766693", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17041", url: "https://www.cve.org/CVERecord?id=CVE-2019-17041", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17041", }, ], release_date: "2019-09-30T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmaixforwardedfrom/pmaixforwardedfrom.c", }, { cve: "CVE-2019-17042", cwe: { id: "CWE-122", name: "Heap-based Buffer Overflow", }, discovery_date: "2019-10-29T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1766700", }, ], notes: [ { category: "description", text: "An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter (in this case, a space or a colon), but fails to account for strings that do not satisfy this constraint. If the string does not match, then the variable lenMsg will reach the value zero and will skip the sanity check that detects invalid log messages. The message will then be considered valid, and the parser will eat up the nonexistent colon delimiter. In doing so, it will decrement lenMsg, a signed integer, whose value was zero and now becomes minus one. The following step in the parser is to shift left the contents of the message. To do this, it will call memmove with the right pointers to the target and destination strings, but the lenMsg will now be interpreted as a huge value, causing a heap overflow.", title: "Vulnerability description", }, { category: "summary", text: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-17042", }, { category: "external", summary: "RHBZ#1766700", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1766700", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-17042", url: "https://www.cve.org/CVERecord?id=CVE-2019-17042", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-17042", }, ], release_date: "2019-10-01T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "rsyslog: heap-based overflow in contrib/pmcisconames/pmcisconames.c", }, { acknowledgments: [ { names: [ "Felix Fountein", ], }, ], cve: "CVE-2020-10691", cwe: { id: "CWE-22", name: "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", }, discovery_date: "2020-03-25T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1817161", }, ], notes: [ { category: "description", text: "An archive traversal flaw was found in Ansible Engine when running ansible-galaxy collection install. When extracting a collection .tar.gz file, the directory is created without sanitizing the filename. An attacker could take advantage to overwrite any file within the system.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: archive traversal vulnerability in ansible-galaxy collection install", title: "Vulnerability summary", }, { category: "other", text: "Ansible Engine 2.9.6 as well as previous 2.9.x versions are affected. Ansible versions less than or equal to 2.8 are not affected by this vulnerability as this functionality was introduced on 2.9.\n\nAnsible Tower 3.6.3 as well as previous 3.6.x versions are affected as they use ansible-galaxy collections.", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10691", }, { category: "external", summary: "RHBZ#1817161", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1817161", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10691", url: "https://www.cve.org/CVERecord?id=CVE-2020-10691", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10691", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10691", }, ], release_date: "2020-03-27T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, { category: "workaround", details: "A possible mitigation of archive traversal issue could be done by restricting file access control and directory write accesses for extracting tarball files. This is feasible only for scenarios when the destination path could be known and enforced beforehand.", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 5.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: archive traversal vulnerability in ansible-galaxy collection install", }, { acknowledgments: [ { names: [ "Rihards Olups", ], }, ], cve: "CVE-2020-10729", cwe: { id: "CWE-330", name: "Use of Insufficiently Random Values", }, discovery_date: "2020-05-04T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1831089", }, ], notes: [ { category: "description", text: "A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file.", title: "Vulnerability description", }, { category: "summary", text: "Ansible: two random password lookups in same task return same value", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2020-10729", }, { category: "external", summary: "RHBZ#1831089", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1831089", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2020-10729", url: "https://www.cve.org/CVERecord?id=CVE-2020-10729", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", url: "https://nvd.nist.gov/vuln/detail/CVE-2020-10729", }, { category: "external", summary: "https://github.com/ansible/ansible/issues/34144", url: "https://github.com/ansible/ansible/issues/34144", }, ], release_date: "2017-12-21T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2020-04-22T13:21:59+00:00", details: "For information on upgrading Ansible Tower, reference the Ansible Tower Upgrade and Migration Guide: https://docs.ansible.com/ansible-tower/latest/html/upgrade-migration-guide/index.html", product_ids: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHBA-2020:1540", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "7Server-Ansible-Tower-3.6:ansible-tower-36/ansible-tower@sha256:a0f23b14edea9a3983614d21c8532d6ef6bf760c56d8249cc452b87eeba60f0f_amd64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "Ansible: two random password lookups in same task return same value", }, ], }
rhsa-2017_3401
Vulnerability from csaf_redhat
Published
2017-12-07 19:30
Modified
2024-11-14 21:47
Summary
Red Hat Security Advisory: chromium-browser security update
Notes
Topic
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Chromium is an open-source web browser, powered by WebKit (Blink).
This update upgrades Chromium to version 63.0.3239.84.
Security Fix(es):
* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15422, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Critical", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "Chromium is an open-source web browser, powered by WebKit (Blink).\n\nThis update upgrades Chromium to version 63.0.3239.84.\n\nSecurity Fix(es):\n\n* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15412, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15422, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427)", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2017:3401", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#critical", url: "https://access.redhat.com/security/updates/classification/#critical", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, { category: "external", summary: "1523123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523123", }, { category: "external", summary: "1523124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523124", }, { category: "external", summary: "1523125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523125", }, { category: "external", summary: "1523126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523126", }, { category: "external", summary: "1523127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523127", }, { category: "external", summary: "1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "1523129", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523129", }, { category: "external", summary: "1523130", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523130", }, { category: "external", summary: "1523131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523131", }, { category: "external", summary: "1523132", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523132", }, { category: "external", summary: "1523133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523133", }, { category: "external", summary: "1523134", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523134", }, { category: "external", summary: "1523135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523135", }, { category: "external", summary: "1523136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", }, { category: "external", summary: "1523137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523137", }, { category: "external", summary: "1523138", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523138", }, { category: "external", summary: "1523139", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523139", }, { category: "external", summary: "1523140", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523140", }, { category: "external", summary: "1523141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523141", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3401.json", }, ], title: "Red Hat Security Advisory: chromium-browser security update", tracking: { current_release_date: "2024-11-14T21:47:17+00:00", generator: { date: "2024-11-14T21:47:17+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2017:3401", initial_release_date: "2017-12-07T19:30:35+00:00", revision_history: [ { date: "2017-12-07T19:30:35+00:00", number: "1", summary: "Initial version", }, { date: "2017-12-07T19:30:35+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-14T21:47:17+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Server Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product: { name: "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z", product_identification_helper: { cpe: "cpe:/a:redhat:rhel_extras:6", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux Supplementary", }, { branches: [ { category: "product_version", name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product_id: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser-debuginfo@63.0.3239.84-1.el6_9?arch=x86_64", }, }, }, { category: "product_version", name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product_id: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser@63.0.3239.84-1.el6_9?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product_id: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser-debuginfo@63.0.3239.84-1.el6_9?arch=i686", }, }, }, { category: "product_version", name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product_id: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", product_identification_helper: { purl: "pkg:rpm/redhat/chromium-browser@63.0.3239.84-1.el6_9?arch=i686", }, }, }, ], category: "architecture", name: "i686", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", product_id: "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Client-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", product_id: "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Server-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, { category: "default_component_of", full_product_name: { name: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", product_id: "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", }, product_reference: "chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", relates_to_product_reference: "6Workstation-Supplementary-6.9.z", }, ], }, vulnerabilities: [ { cve: "CVE-2017-15407", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523123", }, ], notes: [ { category: "description", text: "Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds write in quic", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15407", }, { category: "external", summary: "RHBZ#1523123", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523123", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15407", url: "https://www.cve.org/CVERecord?id=CVE-2017-15407", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15407", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15407", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Critical", }, ], title: "chromium-browser: out of bounds write in quic", }, { cve: "CVE-2017-15408", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523124", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: heap buffer overflow in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15408", }, { category: "external", summary: "RHBZ#1523124", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523124", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15408", url: "https://www.cve.org/CVERecord?id=CVE-2017-15408", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15408", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15408", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: heap buffer overflow in pdfium", }, { cve: "CVE-2017-15409", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523125", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds write in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15409", }, { category: "external", summary: "RHBZ#1523125", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523125", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15409", url: "https://www.cve.org/CVERecord?id=CVE-2017-15409", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15409", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15409", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: out of bounds write in skia", }, { cve: "CVE-2017-15410", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523126", }, ], notes: [ { category: "description", text: "Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use after free in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15410", }, { category: "external", summary: "RHBZ#1523126", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523126", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15410", url: "https://www.cve.org/CVERecord?id=CVE-2017-15410", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15410", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15410", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: use after free in pdfium", }, { cve: "CVE-2017-15411", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523127", }, ], notes: [ { category: "description", text: "Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use after free in pdfium", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15411", }, { category: "external", summary: "RHBZ#1523127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523127", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15411", url: "https://www.cve.org/CVERecord?id=CVE-2017-15411", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15411", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15411", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: use after free in pdfium", }, { cve: "CVE-2017-15412", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523128", }, ], notes: [ { category: "description", text: "A use-after-free flaw was found in the libxml2 library. An attacker could use this flaw to cause an application linked against libxml2 to crash when parsing a specially crafted XML file.", title: "Vulnerability description", }, { category: "summary", text: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15412", }, { category: "external", summary: "RHBZ#1523128", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523128", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15412", url: "https://www.cve.org/CVERecord?id=CVE-2017-15412", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c", }, { cve: "CVE-2017-15413", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523129", }, ], notes: [ { category: "description", text: "Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: type confusion in webassembly", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15413", }, { category: "external", summary: "RHBZ#1523129", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523129", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15413", url: "https://www.cve.org/CVERecord?id=CVE-2017-15413", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15413", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15413", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Important", }, ], title: "chromium-browser: type confusion in webassembly", }, { cve: "CVE-2017-15415", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523130", }, ], notes: [ { category: "description", text: "Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: pointer information disclosure in ipc call", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15415", }, { category: "external", summary: "RHBZ#1523130", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523130", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15415", url: "https://www.cve.org/CVERecord?id=CVE-2017-15415", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15415", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15415", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: pointer information disclosure in ipc call", }, { cve: "CVE-2017-15416", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523131", }, ], notes: [ { category: "description", text: "Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: out of bounds read in blink", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15416", }, { category: "external", summary: "RHBZ#1523131", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523131", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15416", url: "https://www.cve.org/CVERecord?id=CVE-2017-15416", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15416", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15416", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: out of bounds read in blink", }, { cve: "CVE-2017-15417", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523132", }, ], notes: [ { category: "description", text: "Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: cross origin information disclosure in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15417", }, { category: "external", summary: "RHBZ#1523132", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523132", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15417", url: "https://www.cve.org/CVERecord?id=CVE-2017-15417", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15417", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15417", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: cross origin information disclosure in skia", }, { cve: "CVE-2017-15418", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523133", }, ], notes: [ { category: "description", text: "Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: use of uninitialized value in skia", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15418", }, { category: "external", summary: "RHBZ#1523133", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523133", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15418", url: "https://www.cve.org/CVERecord?id=CVE-2017-15418", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15418", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15418", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: use of uninitialized value in skia", }, { cve: "CVE-2017-15419", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523134", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: cross origin leak of redirect url in blink", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15419", }, { category: "external", summary: "RHBZ#1523134", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523134", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15419", url: "https://www.cve.org/CVERecord?id=CVE-2017-15419", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15419", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15419", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: cross origin leak of redirect url in blink", }, { cve: "CVE-2017-15420", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523135", }, ], notes: [ { category: "description", text: "Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoofing in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15420", }, { category: "external", summary: "RHBZ#1523135", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523135", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15420", url: "https://www.cve.org/CVERecord?id=CVE-2017-15420", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15420", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15420", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: url spoofing in omnibox", }, { cve: "CVE-2017-15422", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523136", }, ], notes: [ { category: "description", text: "Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: integer overflow in icu", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15422", }, { category: "external", summary: "RHBZ#1523136", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523136", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15422", url: "https://www.cve.org/CVERecord?id=CVE-2017-15422", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15422", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15422", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "chromium-browser: integer overflow in icu", }, { cve: "CVE-2017-15423", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523137", }, ], notes: [ { category: "description", text: "Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: issue with spake implementation in boringssl", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15423", }, { category: "external", summary: "RHBZ#1523137", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523137", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15423", url: "https://www.cve.org/CVERecord?id=CVE-2017-15423", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15423", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15423", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: issue with spake implementation in boringssl", }, { cve: "CVE-2017-15424", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523138", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15424", }, { category: "external", summary: "RHBZ#1523138", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523138", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15424", url: "https://www.cve.org/CVERecord?id=CVE-2017-15424", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15424", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15424", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15425", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523139", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15425", }, { category: "external", summary: "RHBZ#1523139", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523139", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15425", url: "https://www.cve.org/CVERecord?id=CVE-2017-15425", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15425", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15425", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15426", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523140", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: url spoof in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15426", }, { category: "external", summary: "RHBZ#1523140", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523140", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15426", url: "https://www.cve.org/CVERecord?id=CVE-2017-15426", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15426", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15426", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: url spoof in omnibox", }, { cve: "CVE-2017-15427", discovery_date: "2017-12-07T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1523141", }, ], notes: [ { category: "description", text: "Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.", title: "Vulnerability description", }, { category: "summary", text: "chromium-browser: insufficient blocking of javascript in omnibox", title: "Vulnerability summary", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2017-15427", }, { category: "external", summary: "RHBZ#1523141", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1523141", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2017-15427", url: "https://www.cve.org/CVERecord?id=CVE-2017-15427", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2017-15427", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15427", }, { category: "external", summary: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], release_date: "2017-12-06T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2017-12-07T19:30:35+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Chromium must be restarted for the changes to take effect.", product_ids: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2017:3401", }, ], scores: [ { cvss_v3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", version: "3.0", }, products: [ "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Client-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Server-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-0:63.0.3239.84-1.el6_9.x86_64", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.i686", "6Workstation-Supplementary-6.9.z:chromium-browser-debuginfo-0:63.0.3239.84-1.el6_9.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "chromium-browser: insufficient blocking of javascript in omnibox", }, ], }
ghsa-r58r-74gx-6wx3
Vulnerability from github
Published
2022-05-14 02:19
Modified
2023-08-26 00:20
Severity ?
Summary
Nokogiri gem, via libxml, is affected by DoS vulnerabilities
Details
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
{ affected: [ { package: { ecosystem: "RubyGems", name: "nokogiri", }, ranges: [ { events: [ { introduced: "0", }, { fixed: "1.8.2", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2017-15412", ], database_specific: { cwe_ids: [ "CWE-416", ], github_reviewed: true, github_reviewed_at: "2023-08-26T00:20:04Z", nvd_published_at: "2018-08-28T19:29:00Z", severity: "HIGH", }, details: "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", id: "GHSA-r58r-74gx-6wx3", modified: "2023-08-26T00:20:04Z", published: "2022-05-14T02:19:17Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", }, { type: "WEB", url: "https://github.com/sparklemotion/nokogiri/issues/1714", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { type: "WEB", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { type: "WEB", url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { type: "WEB", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, { type: "WEB", url: "https://crbug.com/727039", }, { type: "WEB", url: "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/nokogiri/CVE-2017-15412.yml", }, { type: "WEB", url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { type: "WEB", url: "https://security.gentoo.org/glsa/201801-03", }, { type: "WEB", url: "https://web.archive.org/web/20201208155618/http://www.securitytracker.com/id/1040348", }, { type: "WEB", url: "https://www.debian.org/security/2018/dsa-4086", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], summary: "Nokogiri gem, via libxml, is affected by DoS vulnerabilities", }
gsd-2017-15412
Vulnerability from gsd
Modified
2018-01-29 00:00
Details
The version of libxml2 packaged with Nokogiri contains a
vulnerability. Nokogiri has mitigated these issue by upgrading to
libxml 2.9.6.
It was discovered that libxml2 incorrecty handled certain files. An attacker
could use this issue with specially constructed XML data to cause libxml2 to
consume resources, leading to a denial of service.
Aliases
Aliases
{ GSD: { alias: "CVE-2017-15412", description: "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", id: "GSD-2017-15412", references: [ "https://www.suse.com/security/cve/CVE-2017-15412.html", "https://www.debian.org/security/2018/dsa-4086", "https://access.redhat.com/errata/RHBA-2020:1540", "https://access.redhat.com/errata/RHBA-2020:1539", "https://access.redhat.com/errata/RHSA-2020:1190", "https://access.redhat.com/errata/RHSA-2018:0287", "https://access.redhat.com/errata/RHSA-2017:3401", "https://ubuntu.com/security/CVE-2017-15412", "https://advisories.mageia.org/CVE-2017-15412.html", "https://security.archlinux.org/CVE-2017-15412", "https://alas.aws.amazon.com/cve/html/CVE-2017-15412.html", "https://linux.oracle.com/cve/CVE-2017-15412.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { affected: [ { package: { ecosystem: "RubyGems", name: "nokogiri", purl: "pkg:gem/nokogiri", }, }, ], aliases: [ "CVE-2017-15412", ], details: "The version of libxml2 packaged with Nokogiri contains a\nvulnerability. Nokogiri has mitigated these issue by upgrading to\nlibxml 2.9.6.\n\nIt was discovered that libxml2 incorrecty handled certain files. An attacker\ncould use this issue with specially constructed XML data to cause libxml2 to\nconsume resources, leading to a denial of service.\n", id: "GSD-2017-15412", modified: "2018-01-29T00:00:00.000Z", published: "2018-01-29T00:00:00.000Z", references: [ { type: "WEB", url: "https://github.com/sparklemotion/nokogiri/issues/1714", }, { type: "WEB", url: "https://usn.ubuntu.com/usn/usn-3513-1/", }, { type: "WEB", url: "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html", }, ], related: [ "CVE-2017-18258", ], schema_version: "1.4.0", summary: "Nokogiri gem, via libxml, is affected by DoS vulnerabilities", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2017-15412", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Google Chrome prior to 63.0.3239.84 unknown", version: { version_data: [ { version_value: "Google Chrome prior to 63.0.3239.84 unknown", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Use After Free", }, ], }, ], }, references: { reference_data: [ { name: "1040348", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040348", }, { name: "https://crbug.com/727039", refsource: "MISC", url: "https://crbug.com/727039", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", refsource: "MISC", url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { name: "DSA-4086", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4086", }, { name: "RHSA-2018:0287", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { name: "[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { name: "RHSA-2017:3401", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { name: "GLSA-201801-03", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201801-03", }, { name: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", refsource: "MISC", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, ], }, }, "github.com/rubysec/ruby-advisory-db": { cve: "2017-15412", date: "2018-01-29", description: "The version of libxml2 packaged with Nokogiri contains a\nvulnerability. Nokogiri has mitigated these issue by upgrading to\nlibxml 2.9.6.\n\nIt was discovered that libxml2 incorrecty handled certain files. An attacker\ncould use this issue with specially constructed XML data to cause libxml2 to\nconsume resources, leading to a denial of service.\n", gem: "nokogiri", patched_versions: [ ">= 1.8.2", ], related: { cve: [ "2017-18258", ], url: [ "https://usn.ubuntu.com/usn/usn-3513-1/", "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html", ], }, title: "Nokogiri gem, via libxml, is affected by DoS vulnerabilities", url: "https://github.com/sparklemotion/nokogiri/issues/1714", }, "gitlab.com": { advisories: [ { affected_range: "<1.8.2", affected_versions: "All versions before 1.8.2", cvss_v2: "AV:N/AC:M/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", cwe_ids: [ "CWE-1035", "CWE-416", "CWE-937", ], date: "2018-10-25", description: "The libxml2 binary, which is included in nokogiri, incorrectly handles certain files. An attacker can use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. ", fixed_versions: [ "1.8.2", ], identifier: "CVE-2017-15412", identifiers: [ "CVE-2017-15412", ], not_impacted: "All versions starting from 1.8.2", package_slug: "gem/nokogiri", pubdate: "2018-08-28", solution: "Upgrade to version 1.8.2 or above.", title: "Denial of Service", urls: [ "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412", "https://github.com/sparklemotion/nokogiri/issues/1714", "https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15412.html", ], uuid: "78658378-bd8f-4d79-81c8-07c419302426", }, { affected_range: "(,2.9.5)", affected_versions: "All versions before 2.9.5", cvss_v2: "AV:N/AC:M/Au:N/C:P/I:P/A:P", cvss_v3: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", cwe_ids: [ "CWE-1035", "CWE-416", "CWE-937", ], date: "2018-10-25", description: "Use after free in libxml2, as used in Google Chrome and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", fixed_versions: [], identifier: "CVE-2017-15412", identifiers: [ "CVE-2017-15412", ], not_impacted: "", package_slug: "nuget/libxml2", pubdate: "2018-08-28", solution: "Unfortunately, there is no solution available yet.", title: "Use After Free", urls: [ "https://nvd.nist.gov/vuln/detail/CVE-2017-15412", ], uuid: "b349ada1-665e-497a-b7e6-42f6e68e3fc5", }, ], }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "63.0.3239.84", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", cpe_name: [], versionEndExcluding: "2.9.5", vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "security@google.com", ID: "CVE-2017-15412", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-416", }, ], }, ], }, references: { reference_data: [ { name: "https://crbug.com/727039", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://crbug.com/727039", }, { name: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", refsource: "MISC", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, { name: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", refsource: "MISC", tags: [ "Issue Tracking", "Permissions Required", "Third Party Advisory", ], url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { name: "DSA-4086", refsource: "DEBIAN", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4086", }, { name: "GLSA-201801-03", refsource: "GENTOO", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201801-03", }, { name: "[debian-lts-announce] 20171218 [SECURITY] [DLA 1211-1] libxml2 security update", refsource: "MLIST", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { name: "RHSA-2018:0287", refsource: "REDHAT", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { name: "RHSA-2017:3401", refsource: "REDHAT", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { name: "1040348", refsource: "SECTRACK", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040348", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: true, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, }, }, lastModifiedDate: "2018-10-25T11:35Z", publishedDate: "2018-08-28T19:29Z", }, }, }
wid-sec-w-2023-1614
Vulnerability from csaf_certbund
Published
2023-06-29 22:00
Modified
2023-10-25 22:00
Summary
Tenable Security Nessus Network Monitor: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Tenable Nessus Network Monitor ist eine Lösung zur Inventarisierung und Überwachung von Netzwerkgeräten und den genutzten Protokollen.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Tenable Security Nessus Network Monitor ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Tenable Nessus Network Monitor ist eine Lösung zur Inventarisierung und Überwachung von Netzwerkgeräten und den genutzten Protokollen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Tenable Security Nessus Network Monitor ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1614 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1614.json", }, { category: "self", summary: "WID-SEC-2023-1614 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1614", }, { category: "external", summary: "Tenable Security Advisory TNS-2023-34 vom 2023-10-25", url: "https://de.tenable.com/security/tns-2023-34", }, { category: "external", summary: "Tenable Security Advisory vom 2023-06-29", url: "https://de.tenable.com/security/tns-2023-23", }, ], source_lang: "en-US", title: "Tenable Security Nessus Network Monitor: Mehrere Schwachstellen", tracking: { current_release_date: "2023-10-25T22:00:00.000+00:00", generator: { date: "2024-08-15T17:53:59.941+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1614", initial_release_date: "2023-06-29T22:00:00.000+00:00", revision_history: [ { date: "2023-06-29T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-07-03T22:00:00.000+00:00", number: "2", summary: "Produkt berichtigt", }, { date: "2023-10-25T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Tenable aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Tenable Security Nessus Network Monitor < 6.2.2", product: { name: "Tenable Security Nessus Network Monitor < 6.2.2", product_id: "T028403", product_identification_helper: { cpe: "cpe:/a:tenable:nessus_network_monitor:6.2.2", }, }, }, ], category: "vendor", name: "Tenable Security", }, ], }, vulnerabilities: [ { cve: "CVE-2023-32067", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-32067", }, { cve: "CVE-2023-31147", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-31147", }, { cve: "CVE-2023-31130", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-31130", }, { cve: "CVE-2023-31124", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-31124", }, { cve: "CVE-2023-29469", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-29469", }, { cve: "CVE-2023-28484", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28484", }, { cve: "CVE-2023-28322", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28322", }, { cve: "CVE-2023-28321", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28321", }, { cve: "CVE-2023-28320", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28320", }, { cve: "CVE-2023-27538", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27538", }, { cve: "CVE-2023-27536", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27536", }, { cve: "CVE-2023-27535", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27535", }, { cve: "CVE-2023-27534", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27534", }, { cve: "CVE-2023-27533", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27533", }, { cve: "CVE-2023-2650", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-2650", }, { cve: "CVE-2023-23916", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-23916", }, { cve: "CVE-2023-23915", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-23915", }, { cve: "CVE-2023-23914", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-23914", }, { cve: "CVE-2023-1255", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-1255", }, { cve: "CVE-2023-0466", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-0466", }, { cve: "CVE-2023-0465", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-0465", }, { cve: "CVE-2022-4904", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-4904", }, { cve: "CVE-2022-46908", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-46908", }, { cve: "CVE-2022-43552", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-43552", }, { cve: "CVE-2022-43551", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-43551", }, { cve: "CVE-2022-42916", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-42916", }, { cve: "CVE-2022-42915", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-42915", }, { cve: "CVE-2022-40304", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-40304", }, { cve: "CVE-2022-40303", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-40303", }, { cve: "CVE-2022-35737", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-35737", }, { cve: "CVE-2022-35252", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-35252", }, { cve: "CVE-2022-32221", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32221", }, { cve: "CVE-2022-32208", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32208", }, { cve: "CVE-2022-32207", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32207", }, { cve: "CVE-2022-32206", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32206", }, { cve: "CVE-2022-32205", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32205", }, { cve: "CVE-2022-31160", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-31160", }, { cve: "CVE-2022-29824", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-29824", }, { cve: "CVE-2022-27782", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27782", }, { cve: "CVE-2022-27781", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27781", }, { cve: "CVE-2022-27776", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27776", }, { cve: "CVE-2022-27775", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27775", }, { cve: "CVE-2022-27774", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27774", }, { cve: "CVE-2022-23395", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-23395", }, { cve: "CVE-2022-23308", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-23308", }, { cve: "CVE-2022-22576", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-22576", }, { cve: "CVE-2021-45346", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-45346", }, { cve: "CVE-2021-3672", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3672", }, { cve: "CVE-2021-36690", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-36690", }, { cve: "CVE-2021-3541", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3541", }, { cve: "CVE-2021-3537", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3537", }, { cve: "CVE-2021-3518", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3518", }, { cve: "CVE-2021-3517", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3517", }, { cve: "CVE-2021-31239", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-31239", }, { cve: "CVE-2021-30560", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-30560", }, { cve: "CVE-2021-20227", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-20227", }, { cve: "CVE-2020-9327", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-9327", }, { cve: "CVE-2020-7595", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-7595", }, { cve: "CVE-2020-35527", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-35527", }, { cve: "CVE-2020-35525", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-35525", }, { cve: "CVE-2020-24977", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-24977", }, { cve: "CVE-2020-15358", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-15358", }, { cve: "CVE-2020-14155", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-14155", }, { cve: "CVE-2020-13871", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13871", }, { cve: "CVE-2020-13632", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13632", }, { cve: "CVE-2020-13631", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13631", }, { cve: "CVE-2020-13630", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13630", }, { cve: "CVE-2020-13435", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13435", }, { cve: "CVE-2020-13434", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13434", }, { cve: "CVE-2020-11656", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-11656", }, { cve: "CVE-2020-11655", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-11655", }, { cve: "CVE-2019-9937", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-9937", }, { cve: "CVE-2019-9936", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-9936", }, { cve: "CVE-2019-8457", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-8457", }, { cve: "CVE-2019-5815", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-5815", }, { cve: "CVE-2019-20838", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-20838", }, { cve: "CVE-2019-20388", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-20388", }, { cve: "CVE-2019-20218", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-20218", }, { cve: "CVE-2019-19959", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19959", }, { cve: "CVE-2019-19956", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19956", }, { cve: "CVE-2019-19926", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19926", }, { cve: "CVE-2019-19925", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19925", }, { cve: "CVE-2019-19924", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19924", }, { cve: "CVE-2019-19923", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19923", }, { cve: "CVE-2019-19880", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19880", }, { cve: "CVE-2019-19646", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19646", }, { cve: "CVE-2019-19645", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19645", }, { cve: "CVE-2019-19603", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19603", }, { cve: "CVE-2019-19317", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19317", }, { cve: "CVE-2019-19244", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19244", }, { cve: "CVE-2019-19242", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19242", }, { cve: "CVE-2019-16168", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-16168", }, { cve: "CVE-2019-13118", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-13118", }, { cve: "CVE-2019-13117", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-13117", }, { cve: "CVE-2019-12900", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-12900", }, { cve: "CVE-2019-11068", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-11068", }, { cve: "CVE-2018-9251", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2018-9251", }, { cve: "CVE-2018-14567", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2018-14567", }, { cve: "CVE-2018-14404", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2018-14404", }, { cve: "CVE-2017-9050", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9050", }, { cve: "CVE-2017-9049", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9049", }, { cve: "CVE-2017-9048", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9048", }, { cve: "CVE-2017-9047", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9047", }, { cve: "CVE-2017-8872", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-8872", }, { cve: "CVE-2017-7376", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-7376", }, { cve: "CVE-2017-7375", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-7375", }, { cve: "CVE-2017-5969", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-5969", }, { cve: "CVE-2017-5130", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-5130", }, { cve: "CVE-2017-5029", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-5029", }, { cve: "CVE-2017-18258", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-18258", }, { cve: "CVE-2017-16932", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-16932", }, { cve: "CVE-2017-16931", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-16931", }, { cve: "CVE-2017-15412", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-15412", }, { cve: "CVE-2017-1000381", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-1000381", }, { cve: "CVE-2017-1000061", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-1000061", }, { cve: "CVE-2016-9598", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-9598", }, { cve: "CVE-2016-9597", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-9597", }, { cve: "CVE-2016-9596", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-9596", }, { cve: "CVE-2016-5180", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-5180", }, { cve: "CVE-2016-5131", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-5131", }, { cve: "CVE-2016-4658", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4658", }, { cve: "CVE-2016-4609", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4609", }, { cve: "CVE-2016-4607", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4607", }, { cve: "CVE-2016-4483", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4483", }, { cve: "CVE-2016-4449", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4449", }, { cve: "CVE-2016-4448", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4448", }, { cve: "CVE-2016-4447", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4447", }, { cve: "CVE-2016-3709", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3709", }, { cve: "CVE-2016-3705", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3705", }, { cve: "CVE-2016-3627", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3627", }, { cve: "CVE-2016-3189", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3189", }, { cve: "CVE-2016-2073", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-2073", }, { cve: "CVE-2016-1840", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1840", }, { cve: "CVE-2016-1839", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1839", }, { cve: "CVE-2016-1838", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1838", }, { cve: "CVE-2016-1837", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1837", }, { cve: "CVE-2016-1836", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1836", }, { cve: "CVE-2016-1834", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1834", }, { cve: "CVE-2016-1833", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1833", }, { cve: "CVE-2016-1762", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1762", }, { cve: "CVE-2016-1684", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1684", }, { cve: "CVE-2016-1683", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1683", }, { cve: "CVE-2015-9019", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-9019", }, { cve: "CVE-2015-8806", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8806", }, { cve: "CVE-2015-8710", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8710", }, { cve: "CVE-2015-8317", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8317", }, { cve: "CVE-2015-8242", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8242", }, { cve: "CVE-2015-8241", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8241", }, { cve: "CVE-2015-8035", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8035", }, { cve: "CVE-2015-7995", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7995", }, { cve: "CVE-2015-7942", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7942", }, { cve: "CVE-2015-7941", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7941", }, { cve: "CVE-2015-7500", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7500", }, { cve: "CVE-2015-7499", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7499", }, { cve: "CVE-2015-7498", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7498", }, { cve: "CVE-2015-7497", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7497", }, { cve: "CVE-2015-5312", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-5312", }, { cve: "CVE-2014-3660", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2014-3660", }, { cve: "CVE-2013-4520", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-4520", }, { cve: "CVE-2013-2877", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-2877", }, { cve: "CVE-2013-1969", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-1969", }, { cve: "CVE-2013-0339", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-0339", }, { cve: "CVE-2013-0338", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-0338", }, { cve: "CVE-2012-6139", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-6139", }, { cve: "CVE-2012-5134", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-5134", }, { cve: "CVE-2012-2871", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-2871", }, { cve: "CVE-2012-2870", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-2870", }, { cve: "CVE-2012-0841", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-0841", }, { cve: "CVE-2011-3970", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2011-3970", }, { cve: "CVE-2011-1944", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2011-1944", }, { cve: "CVE-2011-1202", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2011-1202", }, { cve: "CVE-2010-4494", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2010-4494", }, { cve: "CVE-2010-4008", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2010-4008", }, ], }
WID-SEC-W-2023-1614
Vulnerability from csaf_certbund
Published
2023-06-29 22:00
Modified
2023-10-25 22:00
Summary
Tenable Security Nessus Network Monitor: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Tenable Nessus Network Monitor ist eine Lösung zur Inventarisierung und Überwachung von Netzwerkgeräten und den genutzten Protokollen.
Angriff
Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Tenable Security Nessus Network Monitor ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Tenable Nessus Network Monitor ist eine Lösung zur Inventarisierung und Überwachung von Netzwerkgeräten und den genutzten Protokollen.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Tenable Security Nessus Network Monitor ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-1614 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1614.json", }, { category: "self", summary: "WID-SEC-2023-1614 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1614", }, { category: "external", summary: "Tenable Security Advisory TNS-2023-34 vom 2023-10-25", url: "https://de.tenable.com/security/tns-2023-34", }, { category: "external", summary: "Tenable Security Advisory vom 2023-06-29", url: "https://de.tenable.com/security/tns-2023-23", }, ], source_lang: "en-US", title: "Tenable Security Nessus Network Monitor: Mehrere Schwachstellen", tracking: { current_release_date: "2023-10-25T22:00:00.000+00:00", generator: { date: "2024-08-15T17:53:59.941+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-1614", initial_release_date: "2023-06-29T22:00:00.000+00:00", revision_history: [ { date: "2023-06-29T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-07-03T22:00:00.000+00:00", number: "2", summary: "Produkt berichtigt", }, { date: "2023-10-25T22:00:00.000+00:00", number: "3", summary: "Neue Updates von Tenable aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Tenable Security Nessus Network Monitor < 6.2.2", product: { name: "Tenable Security Nessus Network Monitor < 6.2.2", product_id: "T028403", product_identification_helper: { cpe: "cpe:/a:tenable:nessus_network_monitor:6.2.2", }, }, }, ], category: "vendor", name: "Tenable Security", }, ], }, vulnerabilities: [ { cve: "CVE-2023-32067", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-32067", }, { cve: "CVE-2023-31147", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-31147", }, { cve: "CVE-2023-31130", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-31130", }, { cve: "CVE-2023-31124", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-31124", }, { cve: "CVE-2023-29469", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-29469", }, { cve: "CVE-2023-28484", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28484", }, { cve: "CVE-2023-28322", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28322", }, { cve: "CVE-2023-28321", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28321", }, { cve: "CVE-2023-28320", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-28320", }, { cve: "CVE-2023-27538", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27538", }, { cve: "CVE-2023-27536", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27536", }, { cve: "CVE-2023-27535", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27535", }, { cve: "CVE-2023-27534", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27534", }, { cve: "CVE-2023-27533", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-27533", }, { cve: "CVE-2023-2650", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-2650", }, { cve: "CVE-2023-23916", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-23916", }, { cve: "CVE-2023-23915", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-23915", }, { cve: "CVE-2023-23914", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-23914", }, { cve: "CVE-2023-1255", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-1255", }, { cve: "CVE-2023-0466", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-0466", }, { cve: "CVE-2023-0465", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2023-0465", }, { cve: "CVE-2022-4904", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-4904", }, { cve: "CVE-2022-46908", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-46908", }, { cve: "CVE-2022-43552", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-43552", }, { cve: "CVE-2022-43551", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-43551", }, { cve: "CVE-2022-42916", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-42916", }, { cve: "CVE-2022-42915", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-42915", }, { cve: "CVE-2022-40304", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-40304", }, { cve: "CVE-2022-40303", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-40303", }, { cve: "CVE-2022-35737", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-35737", }, { cve: "CVE-2022-35252", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-35252", }, { cve: "CVE-2022-32221", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32221", }, { cve: "CVE-2022-32208", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32208", }, { cve: "CVE-2022-32207", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32207", }, { cve: "CVE-2022-32206", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32206", }, { cve: "CVE-2022-32205", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-32205", }, { cve: "CVE-2022-31160", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-31160", }, { cve: "CVE-2022-29824", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-29824", }, { cve: "CVE-2022-27782", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27782", }, { cve: "CVE-2022-27781", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27781", }, { cve: "CVE-2022-27776", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27776", }, { cve: "CVE-2022-27775", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27775", }, { cve: "CVE-2022-27774", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-27774", }, { cve: "CVE-2022-23395", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-23395", }, { cve: "CVE-2022-23308", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-23308", }, { cve: "CVE-2022-22576", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2022-22576", }, { cve: "CVE-2021-45346", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-45346", }, { cve: "CVE-2021-3672", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3672", }, { cve: "CVE-2021-36690", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-36690", }, { cve: "CVE-2021-3541", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3541", }, { cve: "CVE-2021-3537", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3537", }, { cve: "CVE-2021-3518", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3518", }, { cve: "CVE-2021-3517", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-3517", }, { cve: "CVE-2021-31239", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-31239", }, { cve: "CVE-2021-30560", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-30560", }, { cve: "CVE-2021-20227", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2021-20227", }, { cve: "CVE-2020-9327", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-9327", }, { cve: "CVE-2020-7595", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-7595", }, { cve: "CVE-2020-35527", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-35527", }, { cve: "CVE-2020-35525", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-35525", }, { cve: "CVE-2020-24977", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-24977", }, { cve: "CVE-2020-15358", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-15358", }, { cve: "CVE-2020-14155", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-14155", }, { cve: "CVE-2020-13871", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13871", }, { cve: "CVE-2020-13632", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13632", }, { cve: "CVE-2020-13631", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13631", }, { cve: "CVE-2020-13630", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13630", }, { cve: "CVE-2020-13435", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13435", }, { cve: "CVE-2020-13434", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-13434", }, { cve: "CVE-2020-11656", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-11656", }, { cve: "CVE-2020-11655", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2020-11655", }, { cve: "CVE-2019-9937", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-9937", }, { cve: "CVE-2019-9936", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-9936", }, { cve: "CVE-2019-8457", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-8457", }, { cve: "CVE-2019-5815", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-5815", }, { cve: "CVE-2019-20838", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-20838", }, { cve: "CVE-2019-20388", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-20388", }, { cve: "CVE-2019-20218", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-20218", }, { cve: "CVE-2019-19959", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19959", }, { cve: "CVE-2019-19956", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19956", }, { cve: "CVE-2019-19926", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19926", }, { cve: "CVE-2019-19925", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19925", }, { cve: "CVE-2019-19924", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19924", }, { cve: "CVE-2019-19923", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19923", }, { cve: "CVE-2019-19880", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19880", }, { cve: "CVE-2019-19646", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19646", }, { cve: "CVE-2019-19645", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19645", }, { cve: "CVE-2019-19603", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19603", }, { cve: "CVE-2019-19317", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19317", }, { cve: "CVE-2019-19244", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19244", }, { cve: "CVE-2019-19242", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-19242", }, { cve: "CVE-2019-16168", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-16168", }, { cve: "CVE-2019-13118", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-13118", }, { cve: "CVE-2019-13117", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-13117", }, { cve: "CVE-2019-12900", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-12900", }, { cve: "CVE-2019-11068", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2019-11068", }, { cve: "CVE-2018-9251", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2018-9251", }, { cve: "CVE-2018-14567", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2018-14567", }, { cve: "CVE-2018-14404", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2018-14404", }, { cve: "CVE-2017-9050", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9050", }, { cve: "CVE-2017-9049", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9049", }, { cve: "CVE-2017-9048", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9048", }, { cve: "CVE-2017-9047", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-9047", }, { cve: "CVE-2017-8872", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-8872", }, { cve: "CVE-2017-7376", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-7376", }, { cve: "CVE-2017-7375", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-7375", }, { cve: "CVE-2017-5969", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-5969", }, { cve: "CVE-2017-5130", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-5130", }, { cve: "CVE-2017-5029", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-5029", }, { cve: "CVE-2017-18258", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-18258", }, { cve: "CVE-2017-16932", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-16932", }, { cve: "CVE-2017-16931", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-16931", }, { cve: "CVE-2017-15412", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-15412", }, { cve: "CVE-2017-1000381", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-1000381", }, { cve: "CVE-2017-1000061", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2017-1000061", }, { cve: "CVE-2016-9598", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-9598", }, { cve: "CVE-2016-9597", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-9597", }, { cve: "CVE-2016-9596", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-9596", }, { cve: "CVE-2016-5180", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-5180", }, { cve: "CVE-2016-5131", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-5131", }, { cve: "CVE-2016-4658", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4658", }, { cve: "CVE-2016-4609", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4609", }, { cve: "CVE-2016-4607", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4607", }, { cve: "CVE-2016-4483", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4483", }, { cve: "CVE-2016-4449", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4449", }, { cve: "CVE-2016-4448", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4448", }, { cve: "CVE-2016-4447", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-4447", }, { cve: "CVE-2016-3709", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3709", }, { cve: "CVE-2016-3705", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3705", }, { cve: "CVE-2016-3627", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3627", }, { cve: "CVE-2016-3189", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-3189", }, { cve: "CVE-2016-2073", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-2073", }, { cve: "CVE-2016-1840", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1840", }, { cve: "CVE-2016-1839", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1839", }, { cve: "CVE-2016-1838", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1838", }, { cve: "CVE-2016-1837", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1837", }, { cve: "CVE-2016-1836", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1836", }, { cve: "CVE-2016-1834", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1834", }, { cve: "CVE-2016-1833", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1833", }, { cve: "CVE-2016-1762", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1762", }, { cve: "CVE-2016-1684", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1684", }, { cve: "CVE-2016-1683", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2016-1683", }, { cve: "CVE-2015-9019", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-9019", }, { cve: "CVE-2015-8806", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8806", }, { cve: "CVE-2015-8710", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8710", }, { cve: "CVE-2015-8317", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8317", }, { cve: "CVE-2015-8242", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8242", }, { cve: "CVE-2015-8241", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8241", }, { cve: "CVE-2015-8035", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-8035", }, { cve: "CVE-2015-7995", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7995", }, { cve: "CVE-2015-7942", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7942", }, { cve: "CVE-2015-7941", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7941", }, { cve: "CVE-2015-7500", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7500", }, { cve: "CVE-2015-7499", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7499", }, { cve: "CVE-2015-7498", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7498", }, { cve: "CVE-2015-7497", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-7497", }, { cve: "CVE-2015-5312", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2015-5312", }, { cve: "CVE-2014-3660", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2014-3660", }, { cve: "CVE-2013-4520", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-4520", }, { cve: "CVE-2013-2877", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-2877", }, { cve: "CVE-2013-1969", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-1969", }, { cve: "CVE-2013-0339", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-0339", }, { cve: "CVE-2013-0338", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2013-0338", }, { cve: "CVE-2012-6139", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-6139", }, { cve: "CVE-2012-5134", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-5134", }, { cve: "CVE-2012-2871", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-2871", }, { cve: "CVE-2012-2870", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-2870", }, { cve: "CVE-2012-0841", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2012-0841", }, { cve: "CVE-2011-3970", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2011-3970", }, { cve: "CVE-2011-1944", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2011-1944", }, { cve: "CVE-2011-1202", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2011-1202", }, { cve: "CVE-2010-4494", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2010-4494", }, { cve: "CVE-2010-4008", notes: [ { category: "description", text: "In Tenable Security Nessus Network Monitor existieren mehrere Schwachstellen. Die Fehler bestehen unter anderem in Komponenten von Drittanbietern wie c-ares, curl, libbzip2, libpcre, libxml2, sqlite und OpenSSL. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuführen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen und Daten zu manipulieren. Die erfolgreiche Ausnutzung einiger dieser Schwachstellen erfordert eine Benutzerinteraktion oder erhöhte Rechte.", }, ], release_date: "2023-06-29T22:00:00.000+00:00", title: "CVE-2010-4008", }, ], }
fkie_cve-2017-15412
Vulnerability from fkie_nvd
Published
2018-08-28 19:29
Modified
2024-11-21 03:14
Severity ?
Summary
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| debian | debian_linux | 7.0 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| chrome | * | ||
| xmlsoft | libxml2 | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", matchCriteriaId: "BD398356-6BFE-46FE-A6AA-16F55BC5490C", versionEndExcluding: "63.0.3239.84", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:xmlsoft:libxml2:*:*:*:*:*:*:*:*", matchCriteriaId: "C4B3A4BD-14E7-4D4D-81C9-6A355F49C978", versionEndExcluding: "2.9.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.", }, { lang: "es", value: "Uso de memoria previamente liberada en libxml2 en versiones anteriores a la 2.9.5, tal y como se emplea en Google Chrome en versiones anteriores a la 63.0.3239.84 y otros productos, permitía que un atacante remoto pudiese explotar una corrupción de memoria dinámica (heap) mediante una página HTML manipulada.", }, ], id: "CVE-2017-15412", lastModified: "2024-11-21T03:14:39.487", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-08-28T19:29:05.737", references: [ { source: "chrome-cve-admin@google.com", url: "http://www.securitytracker.com/id/1040348", }, { source: "chrome-cve-admin@google.com", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { source: "chrome-cve-admin@google.com", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { source: "chrome-cve-admin@google.com", url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { source: "chrome-cve-admin@google.com", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, { source: "chrome-cve-admin@google.com", url: "https://crbug.com/727039", }, { source: "chrome-cve-admin@google.com", url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { source: "chrome-cve-admin@google.com", url: "https://security.gentoo.org/glsa/201801-03", }, { source: "chrome-cve-admin@google.com", url: "https://www.debian.org/security/2018/dsa-4086", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1040348", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2017:3401", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2018:0287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.gnome.org/show_bug.cgi?id=783160", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://crbug.com/727039", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.gentoo.org/glsa/201801-03", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2018/dsa-4086", }, ], sourceIdentifier: "chrome-cve-admin@google.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.