ID CVE-2020-9925 Type cve Reporter product-security@apple.com Modified 2020-10-20T15:02:00
Description
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting.
{"redhatcve": [{"lastseen": "2021-07-29T13:40:26", "description": "A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-09-16T14:16:55", "type": "redhatcve", "title": "CVE-2020-9925", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9925"], "modified": "2020-11-04T13:59:37", "id": "RH:CVE-2020-9925", "href": "https://access.redhat.com/security/cve/cve-2020-9925", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "ubuntucve": [{"lastseen": "2021-07-31T21:48:33", "description": "A logic issue was addressed with improved state management. This issue is\nfixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari\n13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for\nWindows 7.20. Processing maliciously crafted web content may lead to\nuniversal cross site scripting.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | webkit receives limited support. For details, see https://wiki.ubuntu.com/SecurityTeam/FAQ#webkit webkit in Ubuntu uses the JavaScriptCore (JSC) engine, not V8\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2020-07-29T00:00:00", "type": "ubuntucve", "title": "CVE-2020-9925", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9925"], "modified": "2020-07-29T00:00:00", "id": "UB:CVE-2020-9925", "href": "https://ubuntu.com/security/CVE-2020-9925", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2021-07-29T04:46:00", "description": "This update for webkit2gtk3 fixes the following issues :\n\nUpdate to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-12T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:2198-1)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo"], "id": "SUSE_SU-2020-2198-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139535", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2198-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139535);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:2198-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 fixes the following issues :\n\nUpdate to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9862/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9893/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9894/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9895/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9915/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9925/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202198-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?349b993e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 15 :\n\nzypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-2198=1\n\nSUSE Linux Enterprise Server 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-SLES-15-2020-2198=1\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP1-2020-2198=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-2198=1\n\nSUSE Linux Enterprise High Performance Computing 15-LTSS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-2198=1\n\nSUSE Linux Enterprise High Performance Computing 15-ESPOS :\n\nzypper in -t patch SUSE-SLE-Product-HPC-15-2020-2198=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk3-debugsource-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"webkit2gtk3-devel-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwebkit2gtk-4_0-37-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"webkit2gtk3-debugsource-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"s390x\", reference:\"webkit2gtk3-devel-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk3-debugsource-2.28.4-3.60.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"webkit2gtk3-devel-2.28.4-3.60.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T04:46:00", "description": "This update for webkit2gtk3 fixes the following issues :\n\nUpdate to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-12T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:2199-1)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-12T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo"], "id": "SUSE_SU-2020-2199-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139536", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2199-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139536);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : webkit2gtk3 (SUSE-SU-2020:2199-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 fixes the following issues :\n\nUpdate to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9862/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9893/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9894/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9895/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9915/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9925/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202199-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7ac74cd8\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Desktop Applications 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Desktop-Applications-15-SP2-2020-2199=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-2199=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"webkit2gtk3-debugsource-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"webkit2gtk3-devel-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"webkit2gtk3-debugsource-2.28.4-3.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"webkit2gtk3-devel-2.28.4-3.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T04:46:02", "description": "This update for webkit2gtk3 fixes the following issues :\n\nUpdate to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-14T00:00:00", "title": "SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:2232-1)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo"], "id": "SUSE_SU-2020-2232-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139593", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2232-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139593);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n\n script_name(english:\"SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:2232-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 fixes the following issues :\n\nUpdate to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9862/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9893/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9894/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9895/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9915/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-9925/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202232-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af6babc9\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-2232=1\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-2232=1\n\nSUSE OpenStack Cloud 9 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-9-2020-2232=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-2232=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-2232=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2232=1\n\nSUSE Linux Enterprise Server for SAP 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP4-2020-2232=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-2232=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-2232=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2232=1\n\nSUSE Linux Enterprise Server 12-SP4-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-2232=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-2232=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-2232=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-2232=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-2232=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-2232=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-2232=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk3-debugsource-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk3-debugsource-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-debugsource-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-devel-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libwebkit2gtk-4_0-37-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-2.59.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk3-debugsource-2.28.4-2.59.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T02:12:59", "description": "This update for webkit2gtk3 fixes the following issues :\n\n - Update to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-28T00:00:00", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2020-1275)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-28T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0", "cpe:/o:novell:opensuse:15.2", "p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo"], "id": "OPENSUSE-2020-1275.NASL", "href": "https://www.tenable.com/plugins/nessus/140023", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1275.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140023);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2020-1275)\");\n script_summary(english:\"Check for the openSUSE-2020-1275 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 fixes the following issues :\n\n - Update to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174662\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected webkit2gtk3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwebkit2gtk-4_0-37-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libwebkit2gtk3-lang-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit-jsc-4-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit-jsc-4-debuginfo-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit2gtk3-debugsource-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit2gtk3-devel-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit2gtk3-minibrowser-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.28.4-lp152.2.4.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.28.4-lp152.2.4.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T23:19:24", "description": "The following vulnerabilities have been discovered in the webkit2gtk\nweb engine :\n\n - CVE-2020-9862\n Ophir Lojkine discovered that copying a URL from the Web\n Inspector may lead to command injection.\n\n - CVE-2020-9893\n 0011 discovered that a remote attacker may be able to\n cause unexpected application termination or arbitrary\n code execution.\n\n - CVE-2020-9894\n 0011 discovered that a remote attacker may be able to\n cause unexpected application termination or arbitrary\n code execution.\n\n - CVE-2020-9895\n Wen Xu discovered that a remote attacker may be able to\n cause unexpected application termination or arbitrary\n code execution.\n\n - CVE-2020-9915\n Ayoub Ait Elmokhtar discovered that processing\n maliciously crafted web content may prevent Content\n Security Policy from being enforced.\n\n - CVE-2020-9925\n An anonymous researcher discovered that processing\n maliciously crafted web content may lead to universal\n cross site scripting.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-04T00:00:00", "title": "Debian DSA-4739-1 : webkit2gtk - security update", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-04T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "p-cpe:/a:debian:debian_linux:webkit2gtk"], "id": "DEBIAN_DSA-4739.NASL", "href": "https://www.tenable.com/plugins/nessus/139298", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4739. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139298);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n script_xref(name:\"DSA\", value:\"4739\");\n\n script_name(english:\"Debian DSA-4739-1 : webkit2gtk - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The following vulnerabilities have been discovered in the webkit2gtk\nweb engine :\n\n - CVE-2020-9862\n Ophir Lojkine discovered that copying a URL from the Web\n Inspector may lead to command injection.\n\n - CVE-2020-9893\n 0011 discovered that a remote attacker may be able to\n cause unexpected application termination or arbitrary\n code execution.\n\n - CVE-2020-9894\n 0011 discovered that a remote attacker may be able to\n cause unexpected application termination or arbitrary\n code execution.\n\n - CVE-2020-9895\n Wen Xu discovered that a remote attacker may be able to\n cause unexpected application termination or arbitrary\n code execution.\n\n - CVE-2020-9915\n Ayoub Ait Elmokhtar discovered that processing\n maliciously crafted web content may prevent Content\n Security Policy from being enforced.\n\n - CVE-2020-9925\n An anonymous researcher discovered that processing\n maliciously crafted web content may lead to universal\n cross site scripting.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-9862\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-9893\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-9894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-9895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-9915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2020-9925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/webkit2gtk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/webkit2gtk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4739\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the webkit2gtk packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 2.28.4-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:webkit2gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"gir1.2-javascriptcoregtk-4.0\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"gir1.2-webkit2-4.0\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libjavascriptcoregtk-4.0-18\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libjavascriptcoregtk-4.0-bin\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libjavascriptcoregtk-4.0-dev\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-37\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-37-gtk2\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-dev\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libwebkit2gtk-4.0-doc\", reference:\"2.28.4-1~deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"webkit2gtk-driver\", reference:\"2.28.4-1~deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T23:58:20", "description": "Update to 2.28.4. Also, drop xdg-desktop-portal-gtk and geoclue2 from\nRequires to Recommends.\n\nFixes CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,\nCVE-2020-9915, CVE-2020-9925\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-04T00:00:00", "title": "Fedora 32 : webkit2gtk3 (2020-24b936a870)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-04T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "p-cpe:/a:fedoraproject:fedora:webkit2gtk3"], "id": "FEDORA_2020-24B936A870.NASL", "href": "https://www.tenable.com/plugins/nessus/139299", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-24b936a870.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139299);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n script_xref(name:\"FEDORA\", value:\"2020-24b936a870\");\n\n script_name(english:\"Fedora 32 : webkit2gtk3 (2020-24b936a870)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to 2.28.4. Also, drop xdg-desktop-portal-gtk and geoclue2 from\nRequires to Recommends.\n\nFixes CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,\nCVE-2020-9915, CVE-2020-9925\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-24b936a870\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected webkit2gtk3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"webkit2gtk3-2.28.4-3.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T00:35:57", "description": "The remote host is affected by the vulnerability described in GLSA-202007-61\n(WebKitGTK+: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in WebKitGTK+. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-03T00:00:00", "title": "GLSA-202007-61 : WebKitGTK+: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-03T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:webkit-gtk"], "id": "GENTOO_GLSA-202007-61.NASL", "href": "https://www.tenable.com/plugins/nessus/139269", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202007-61.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139269);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n script_xref(name:\"GLSA\", value:\"202007-61\");\n\n script_name(english:\"GLSA-202007-61 : WebKitGTK+: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is affected by the vulnerability described in GLSA-202007-61\n(WebKitGTK+: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in WebKitGTK+. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202007-61\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"All WebKitGTK+ users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/webkit-gtk-2.28.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:webkit-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-libs/webkit-gtk\", unaffected:make_list(\"ge 2.28.4\"), vulnerable:make_list(\"lt 2.28.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"WebKitGTK+\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T00:01:24", "description": "Update to 2.28.4. Also, drop xdg-desktop-portal-gtk and geoclue2 from\nRequires to Recommends.\n\nFixes CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,\nCVE-2020-9915, CVE-2020-9925\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-07T00:00:00", "title": "Fedora 31 : webkit2gtk3 (2020-a496a39b00)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-07T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:webkit2gtk3", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-A496A39B00.NASL", "href": "https://www.tenable.com/plugins/nessus/139391", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-a496a39b00.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139391);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n script_xref(name:\"FEDORA\", value:\"2020-a496a39b00\");\n\n script_name(english:\"Fedora 31 : webkit2gtk3 (2020-a496a39b00)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Update to 2.28.4. Also, drop xdg-desktop-portal-gtk and geoclue2 from\nRequires to Recommends.\n\nFixes CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895,\nCVE-2020-9915, CVE-2020-9925\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-a496a39b00\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected webkit2gtk3 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"webkit2gtk3-2.28.4-3.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T02:12:58", "description": "This update for webkit2gtk3 fixes the following issues :\n\n - Update to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 5, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-27T00:00:00", "title": "openSUSE Security Update : webkit2gtk3 (openSUSE-2020-1256)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-27T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit", "p-cpe:/a:novell:opensuse:webkit-jsc-4", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0", "p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser", "cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource", "p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0", "p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18", "p-cpe:/a:novell:opensuse:webkit2gtk3-devel", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo"], "id": "OPENSUSE-2020-1256.NASL", "href": "https://www.tenable.com/plugins/nessus/139896", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1256.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139896);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n\n script_name(english:\"openSUSE Security Update : webkit2gtk3 (openSUSE-2020-1256)\");\n script_summary(english:\"Check for the openSUSE-2020-1256 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for webkit2gtk3 fixes the following issues :\n\n - Update to version 2.28.4 (bsc#1174662) :\n\n + Fix several crashes and rendering issues.\n\n + Security fixes: CVE-2020-9862, CVE-2020-9893,\n CVE-2020-9894, CVE-2020-9895, CVE-2020-9915,\n CVE-2020-9925.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1174662\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected webkit2gtk3 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libwebkit2gtk3-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-JavaScriptCore-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-WebKit2WebExtension-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit-jsc-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:webkit2gtk3-minibrowser-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libjavascriptcoregtk-4_0-18-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk-4_0-37-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libwebkit2gtk3-lang-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-WebKit2-4_0-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit-jsc-4-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit-jsc-4-debuginfo-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-debugsource-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-devel-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-minibrowser-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"webkit2gtk3-minibrowser-debuginfo-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-2.28.4-lp151.2.24.3\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libwebkit2gtk-4_0-37-32bit-debuginfo-2.28.4-lp151.2.24.3\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4_0-18 / libjavascriptcoregtk-4_0-18-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-29T22:16:25", "description": "A large number of security issues were discovered in the WebKitGTK Web\nand JavaScript engines. If a user were tricked into viewing a\nmalicious website, a remote attacker could exploit a variety of issues\nrelated to web browser security, including cross-site scripting\nattacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 6, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-04T00:00:00", "title": "Ubuntu 18.04 LTS / 20.04 : WebKitGTK vulnerabilities (USN-4444-1)", "type": "nessus", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-04T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37", "cpe:/o:canonical:ubuntu_linux:20.04", "p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4444-1.NASL", "href": "https://www.tenable.com/plugins/nessus/139311", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4444-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(139311);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/23\");\n\n script_cve_id(\"CVE-2020-9862\", \"CVE-2020-9893\", \"CVE-2020-9894\", \"CVE-2020-9895\", \"CVE-2020-9915\", \"CVE-2020-9925\");\n script_xref(name:\"USN\", value:\"4444-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 : WebKitGTK vulnerabilities (USN-4444-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A large number of security issues were discovered in the WebKitGTK Web\nand JavaScript engines. If a user were tricked into viewing a\nmalicious website, a remote attacker could exploit a variety of issues\nrelated to web browser security, including cross-site scripting\nattacks, denial of service attacks, and arbitrary code execution.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4444-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected libjavascriptcoregtk-4.0-18 and / or\nlibwebkit2gtk-4.0-37 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libjavascriptcoregtk-4.0-18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libwebkit2gtk-4.0-37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libjavascriptcoregtk-4.0-18\", pkgver:\"2.28.4-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libwebkit2gtk-4.0-37\", pkgver:\"2.28.4-0ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"libjavascriptcoregtk-4.0-18\", pkgver:\"2.28.4-0ubuntu0.20.04.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"libwebkit2gtk-4.0-37\", pkgver:\"2.28.4-0ubuntu0.20.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libjavascriptcoregtk-4.0-18 / libwebkit2gtk-4.0-37\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2020-07-31T21:27:37", "description": "### Background\n\nWebKitGTK+ is a full-featured port of the WebKit rendering engine, suitable for projects requiring any kind of web integration, from hybrid HTML/CSS applications to full-fledged web browsers. \n\n### Description\n\nMultiple vulnerabilities have been discovered in WebKitGTK+. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll WebKitGTK+ users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-libs/webkit-gtk-2.28.4\"", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-07-31T00:00:00", "title": "WebKitGTK+: Multiple vulnerabilities", "type": "gentoo", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-07-31T00:00:00", "id": "GLSA-202007-61", "href": "https://security.gentoo.org/glsa/202007-61", "cvss": {"score": 0.0, "vector": "NONE"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-07T01:09:26", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: webkit2gtk3-2.28.4-3.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2020-08-07T01:09:26", "id": "FEDORA:CBE8E30B452C", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-04T01:21:10", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: webkit2gtk3-2.28.4-3.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2020-08-04T01:21:10", "id": "FEDORA:A56F0309448D", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2021-07-28T18:44:12", "description": "A large number of security issues were discovered in the WebKitGTK Web and \nJavaScript engines. If a user were tricked into viewing a malicious \nwebsite, a remote attacker could exploit a variety of issues related to web \nbrowser security, including cross-site scripting attacks, denial of service \nattacks, and arbitrary code execution.", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-03T00:00:00", "title": "WebKitGTK vulnerabilities", "type": "ubuntu", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-03T00:00:00", "id": "USN-4444-1", "href": "https://ubuntu.com/security/notices/USN-4444-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2021-08-02T20:13:47", "description": "An update that fixes 6 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 fixes the following issues:\n\n - Update to version 2.28.4 (bsc#1174662):\n + Fix several crashes and rendering issues.\n + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894,\n CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.\n\n This update was imported from the SUSE:SLE-15-SP2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-1275=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-28T00:14:23", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2020-08-28T00:14:23", "id": "OPENSUSE-SU-2020:1275-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HSYHJSOAT52BOF2K6K3RLYFHUAZSWXXJ/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-02T20:13:47", "description": "An update that fixes 6 vulnerabilities is now available.\n\nDescription:\n\n This update for webkit2gtk3 fixes the following issues:\n\n - Update to version 2.28.4 (bsc#1174662):\n + Fix several crashes and rendering issues.\n + Security fixes: CVE-2020-9862, CVE-2020-9893, CVE-2020-9894,\n CVE-2020-9895, CVE-2020-9915, CVE-2020-9925.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-1256=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-25T00:16:43", "type": "suse", "title": "Security update for webkit2gtk3 (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2020-08-25T00:16:43", "id": "OPENSUSE-SU-2020:1256-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DHP5PSRB6P6HQHCNMY75J76LLTLPQEB2/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-08-02T22:31:19", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4739-1 security@debian.org\nhttps://www.debian.org/security/ Alberto Garcia\nAugust 03, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : webkit2gtk\nCVE ID : CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895\n CVE-2020-9915 CVE-2020-9925\n\nThe following vulnerabilities have been discovered in the webkit2gtk\nweb engine:\n\nCVE-2020-9862\n\n Ophir Lojkine discovered that copying a URL from the Web Inspector\n may lead to command injection.\n\nCVE-2020-9893\n\n 0011 discovered that a remote attacker may be able to cause\n unexpected application termination or arbitrary code execution.\n\nCVE-2020-9894\n\n 0011 discovered that a remote attacker may be able to cause\n unexpected application termination or arbitrary code execution.\n\nCVE-2020-9895\n\n Wen Xu discovered that a remote attacker may be able to cause\n unexpected application termination or arbitrary code execution.\n\nCVE-2020-9915\n\n Ayoub Ait Elmokhtar discovered that processing maliciously crafted\n web content may prevent Content Security Policy from being\n enforced.\n\nCVE-2020-9925\n\n An anonymous researcher discovered that processing maliciously\n crafted web content may lead to universal cross site scripting.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.28.4-1~deb10u1.\n\nWe recommend that you upgrade your webkit2gtk packages.\n\nFor the detailed security status of webkit2gtk please refer to its\nsecurity tracker page at:\nhttps://security-tracker.debian.org/tracker/webkit2gtk\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 8, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-03T15:09:06", "title": "[SECURITY] [DSA 4739-1] webkit2gtk security update", "type": "debian", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-08-03T15:09:06", "id": "DEBIAN:DSA-4739-1:5AEC6", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00147.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "apple": [{"lastseen": "2020-12-24T20:44:34", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## Safari 13.1.2\n\nReleased July 15, 2020\n\n**Safari**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2020-9942: an anonymous researcher, Rahul d Kankrale (servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF Chapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho (@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang Zeng(@Wester) of OPPO ZIWU Security Lab\n\nEntry added November 12, 2020\n\n**Safari Downloads**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: A malicious attacker may be able to change the origin of a frame for a download in Safari Reader mode\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2020-9912: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)\n\n**Safari Login AutoFill**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: A malicious attacker may cause Safari to suggest a password for the wrong domain\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2020-9903: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)\n\n**Safari Reader**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2020-9911: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)\n\n**WebKit**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n\nDescription: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.\n\nCVE-2020-9915: Ayoub AIT ELMOKHTAR of Noon\n\nEntry updated July 28, 2020\n\n**WebKit**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-9925: an anonymous researcher\n\n**WebKit**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative\n\nCVE-2020-9895: Wen Xu of SSLab, Georgia Tech\n\n**WebKit**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: Multiple issues were addressed with improved logic.\n\nCVE-2020-9910: Samuel Gro\u00df of Google Project Zero\n\n**WebKit Page Loading**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: A malicious attacker may be able to conceal the destination of a URL\n\nDescription: A URL Unicode encoding issue was addressed with improved state management.\n\nCVE-2020-9916: Rakesh Mane (@RakeshMane10)\n\n**WebKit Web Inspector**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: Copying a URL from Web Inspector may lead to command injection\n\nDescription: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.\n\nCVE-2020-9862: Ophir Lojkine (@lovasoa)\n\n**WebRTC**\n\nAvailable for: macOS Mojave and macOS High Sierra, and included in macOS Catalina\n\nImpact: An attacker in a privileged network position may be able to cause heap corruption via a crafted SCTP stream\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2020-6514: Natalie Silvanovich of Google Project Zero\n\nEntry added September 21, 2020\n", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-12T10:19:34", "title": "About the security content of Safari 13.1.2 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9903", "CVE-2020-9910", "CVE-2020-9942", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9911", "CVE-2020-9916", "CVE-2020-9912", "CVE-2020-6514", "CVE-2020-9893", "CVE-2020-9915"], "modified": "2020-11-12T10:19:34", "id": "APPLE:HT211292", "href": "https://support.apple.com/kb/HT211292", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:43:46", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 11.3\n\nReleased August 10, 2020\n\n**CoreGraphics**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro\n\nEntry added September 21, 2020, updated December 15, 2020\n\n**ImageIO**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Multiple buffer overflow issues existed in openEXR\n\nDescription: Multiple issues in openEXR were addressed with improved checks.\n\nCVE-2020-11758: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11759: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11760: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11761: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11762: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11763: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11764: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11765: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9871: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9872: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9874: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9879: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nCVE-2020-9936: Mickey Jin of Trend Micro\n\nCVE-2020-9937: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\n**ImageIO**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9984: an anonymous researcher\n\nEntry updated September 21, 2020\n\n**ImageIO**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9919: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9876: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9877: Xingwei Lin of Ant-financial Light-Year Security Lab\n\n**ImageIO**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An integer overflow was addressed through improved input validation.\n\nCVE-2020-9875: Mickey Jin of Trend Micro\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n\nDescription: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.\n\nCVE-2020-9915: Ayoub AIT ELMOKHTAR of Noon\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-9925: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative\n\nCVE-2020-9895: Wen Xu of SSLab, Georgia Tech\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: Multiple issues were addressed with improved logic.\n\nCVE-2020-9910: Samuel Gro\u00df of Google Project Zero\n\n**WebKit Page Loading**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: A malicious attacker may be able to conceal the destination of a URL\n\nDescription: A URL Unicode encoding issue was addressed with improved state management.\n\nCVE-2020-9916: Rakesh Mane (@RakeshMane10)\n\n**WebKit Web Inspector**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Copying a URL from Web Inspector may lead to command injection\n\nDescription: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.\n\nCVE-2020-9862: Ophir Lojkine (@lovasoa)\n\n## Additional recognition\n\n**ImageIO**\n\nWe would like to acknowledge Xingwei Lin of Ant-financial Light-Year Security Lab for their assistance.\n\nEntry added September 21, 2020\n", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-15T06:02:19", "title": "About the security content of iCloud for Windows 11.3 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9871", "CVE-2020-9874", "CVE-2020-11761", "CVE-2020-9862", "CVE-2020-9883", "CVE-2020-9984", "CVE-2020-9894", "CVE-2020-11763", "CVE-2020-11765", "CVE-2020-9876", "CVE-2020-9875", "CVE-2020-9910", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9938", "CVE-2020-9916", "CVE-2020-9877", "CVE-2020-9919", "CVE-2020-11758", "CVE-2020-11760", "CVE-2020-9879", "CVE-2020-9893", "CVE-2020-11759", "CVE-2020-11764", "CVE-2020-9915", "CVE-2020-11762", "CVE-2020-9936", "CVE-2020-9872", "CVE-2020-9873", "CVE-2020-9937"], "modified": "2020-12-15T06:02:19", "id": "APPLE:HT211294", "href": "https://support.apple.com/kb/HT211294 ", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:44:33", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iCloud for Windows 7.20\n\nReleased August 10, 2020\n\n**CoreGraphics**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro\n\nEntry added September 21, 2020, updated December 15, 2020\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple buffer overflow issues existed in openEXR\n\nDescription: Multiple issues in openEXR were addressed with improved checks.\n\nCVE-2020-11758: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11759: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11760: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11761: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11762: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11763: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11764: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11765: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9871: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9872: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9874: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9879: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nCVE-2020-9936: Mickey Jin of Trend Micro\n\nCVE-2020-9937: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9984: an anonymous researcher\n\nEntry updated September 21, 2020\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9877: Xingwei Lin of Ant-financial Light-Year Security Lab\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9919: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9876: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An integer overflow was addressed through improved input validation.\n\nCVE-2020-9875: Mickey Jin of Trend Micro\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n\nDescription: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.\n\nCVE-2020-9915: Ayoub AIT ELMOKHTAR of Noon\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-9925: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative\n\nCVE-2020-9895: Wen Xu of SSLab, Georgia Tech\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: Multiple issues were addressed with improved logic.\n\nCVE-2020-9910: Samuel Gro\u00df of Google Project Zero\n\n**WebKit Page Loading**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious attacker may be able to conceal the destination of a URL\n\nDescription: A URL Unicode encoding issue was addressed with improved state management.\n\nCVE-2020-9916: Rakesh Mane (@RakeshMane10)\n\n**WebKit Web Inspector**\n\nAvailable for: Windows 7 and later\n\nImpact: Copying a URL from Web Inspector may lead to command injection\n\nDescription: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.\n\nCVE-2020-9862: Ophir Lojkine (@lovasoa)\n\n## Additional recognition\n\n**ImageIO**\n\nWe would like to acknowledge Xingwei Lin of Ant-financial Light-Year Security Lab for their assistance.\n\nEntry added September 21, 2020\n", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-15T05:23:14", "title": "About the security content of iCloud for Windows 7.20 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9871", "CVE-2020-9874", "CVE-2020-11761", "CVE-2020-9862", "CVE-2020-9883", "CVE-2020-9984", "CVE-2020-9894", "CVE-2020-11763", "CVE-2020-11765", "CVE-2020-9876", "CVE-2020-9875", "CVE-2020-9910", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9938", "CVE-2020-9916", "CVE-2020-9877", "CVE-2020-9919", "CVE-2020-11758", "CVE-2020-11760", "CVE-2020-9879", "CVE-2020-9893", "CVE-2020-11759", "CVE-2020-11764", "CVE-2020-9915", "CVE-2020-11762", "CVE-2020-9936", "CVE-2020-9872", "CVE-2020-9873", "CVE-2020-9937"], "modified": "2020-12-15T05:23:14", "id": "APPLE:HT211295", "href": "https://support.apple.com/kb/HT211295", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:41:46", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iTunes 12.10.8 for Windows\n\nReleased July 30, 2020\n\n**CoreGraphics**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro\n\nEntry added September 21, 2020, updated December 15, 2020\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Multiple buffer overflow issues existed in openEXR\n\nDescription: Multiple issues in openEXR were addressed with improved checks.\n\nCVE-2020-11758: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11759: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11760: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11761: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11762: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11763: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11764: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11765: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9871: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9872: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9874: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9879: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nCVE-2020-9936: Mickey Jin of Trend Micro\n\nCVE-2020-9937: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9984: an anonymous researcher\n\nEntry updated September 21, 2020\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9919: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9876: Mickey Jin of Trend Micro\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9877: Xingwei Lin of Ant-financial Light-Year Security Lab\n\n**ImageIO**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An integer overflow was addressed through improved input validation.\n\nCVE-2020-9875: Mickey Jin of Trend Micro\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n\nDescription: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.\n\nCVE-2020-9915: Ayoub AIT ELMOKHTAR of Noon\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-9925: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative\n\nCVE-2020-9895: Wen Xu of SSLab, Georgia Tech\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: Multiple issues were addressed with improved logic.\n\nCVE-2020-9910: Samuel Gro\u00df of Google Project Zero\n\n**WebKit Page Loading**\n\nAvailable for: Windows 7 and later\n\nImpact: A malicious attacker may be able to conceal the destination of a URL\n\nDescription: A URL Unicode encoding issue was addressed with improved state management.\n\nCVE-2020-9916: Rakesh Mane (@RakeshMane10)\n\n**WebKit Web Inspector**\n\nAvailable for: Windows 7 and later\n\nImpact: Copying a URL from Web Inspector may lead to command injection\n\nDescription: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.\n\nCVE-2020-9862: Ophir Lojkine (@lovasoa)\n\n## Additional recognition\n\n**ImageIO**\n\nWe would like to acknowledge Xingwei Lin of Ant-financial Light-Year Security Lab for their assistance.\n\nEntry added September 21, 2020\n", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-15T05:45:32", "title": "About the security content of iTunes 12.10.8 for Windows - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9871", "CVE-2020-9874", "CVE-2020-11761", "CVE-2020-9862", "CVE-2020-9883", "CVE-2020-9984", "CVE-2020-9894", "CVE-2020-11763", "CVE-2020-11765", "CVE-2020-9876", "CVE-2020-9875", "CVE-2020-9910", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9938", "CVE-2020-9916", "CVE-2020-9877", "CVE-2020-9919", "CVE-2020-11758", "CVE-2020-11760", "CVE-2020-9879", "CVE-2020-9893", "CVE-2020-11759", "CVE-2020-11764", "CVE-2020-9915", "CVE-2020-11762", "CVE-2020-9936", "CVE-2020-9872", "CVE-2020-9873", "CVE-2020-9937"], "modified": "2020-12-15T05:45:32", "id": "APPLE:HT211293", "href": "https://support.apple.com/kb/HT211293 ", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-24T20:42:02", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## tvOS 13.4.8\n\nReleased July 15, 2020\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9884: Yu Zhou(@yuzhou6666) of \u5c0f\u9e21\u5e2e working with Trend Micro Zero Day Initiative\n\nCVE-2020-9889: Anonymous working with Trend Micro\u2019s Zero Day Initiative, JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nEntry updated August 10, 2020\n\n**Audio**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9888: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9890: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9891: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nEntry updated August 10, 2020\n\n**AVEVideoEncoder**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2020-9907: 08Tc3wBB working with ZecOps\n\nEntry added July 28, 2020, updated August 31, 2020\n\n**CoreGraphics**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro\n\nEntry added July 28, 2020, updated December 15, 2020\n\n**Crash Reporter**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud\n\n**Crash Reporter**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.\n\nCVE-2020-9900: Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group\n\nEntry added August 10, 2020\n\n**FontParser**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9980: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added September 21, 2020, updated October 19, 2020\n\n**GeoServices**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to read sensitive location information\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.\n\n**iAP**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2020-9914: Andy Davis of NCC Group\n\nEntry updated July 28, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Multiple buffer overflow issues existed in openEXR\n\nDescription: Multiple issues in openEXR were addressed with improved checks.\n\nCVE-2020-11758: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11759: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11760: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11761: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11762: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11763: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11764: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11765: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9871: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9872: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9874: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9879: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nCVE-2020-9936: Mickey Jin of Trend Micro\n\nCVE-2020-9937: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nEntry updated August 10, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9919: Mickey Jin of Trend Micro\n\nEntry added July 28, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9876: Mickey Jin of Trend Micro\n\nEntry added July 28, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9984: an anonymous researcher\n\nEntry added July 28, 2020, updated September 21, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9877: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added August 10, 2020\n\n**ImageIO**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An integer overflow was addressed through improved input validation.\n\nCVE-2020-9875: Mickey Jin of Trend Micro\n\nEntry added August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel\n\nDescription: A routing issue was addressed with improved restrictions.\n\nCVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9909: Brandon Azad of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2020-9904: Tielei Wang of Pangu Lab\n\nEntry added July 28, 2020\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2020-9863: Xinru Chi of Pangu Lab\n\nEntry updated August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: Multiple memory corruption issues were addressed with improved state management.\n\nCVE-2020-9892: Andy Nguyen of Google\n\nEntry added August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9902: Xinru Chi and Tielei Wang of Pangu Lab\n\nEntry added August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2020-9905: Raz Mashat (@RazMashat) of ZecOps\n\nEntry added August 31, 2020\n\n**Model I/O**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2020-9880: Holger Fuhrmannek of Deutsche Telekom Security\n\nEntry added September 21, 2020\n\n**Model I/O**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9878: Aleksandar Nikolic of Cisco Talos, Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9940: Holger Fuhrmannek of Deutsche Telekom Security\n\nEntry added September 21, 2020\n\n**Security**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker may have been able to impersonate a trusted website using shared key material for an administrator added certificate\n\nDescription: A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation.\n\nCVE-2020-9868: Brian Wolff of Asana\n\nEntry added July 28, 2020\n\n**sysdiagnose**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.\n\nCVE-2020-9901: Tim Michaud (@TimGMichaud) of Leviathan, Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group\n\nEntry added August 10, 2020, updated August 31, 2020\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n\nDescription: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.\n\nCVE-2020-9915: Ayoub AIT ELMOKHTAR of Noon\n\nEntry updated July 28, 2020\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-9925: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative\n\nCVE-2020-9895: Wen Xu of SSLab, Georgia Tech\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: Multiple issues were addressed with improved logic.\n\nCVE-2020-9910: Samuel Gro\u00df of Google Project Zero\n\n**WebKit Page Loading**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious attacker may be able to conceal the destination of a URL\n\nDescription: A URL Unicode encoding issue was addressed with improved state management.\n\nCVE-2020-9916: Rakesh Mane (@RakeshMane10)\n\n**WebKit Web Inspector**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Copying a URL from Web Inspector may lead to command injection\n\nDescription: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.\n\nCVE-2020-9862: Ophir Lojkine (@lovasoa)\n\n**WebRTC**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in a privileged network position may be able to cause heap corruption via a crafted SCTP stream\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2020-6514: Natalie Silvanovich of Google Project Zero\n\nEntry added September 21, 2020\n\n**Wi-Fi**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn)\n\n\n\n## Additional recognition\n\n**CoreFoundation**\n\nWe would like to acknowledge Bobby Pelletier for their assistance.\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nWe would like to acknowledge Xingwei Lin of Ant-financial Light-Year Security Lab for their assistance.\n\nEntry added September 21, 2020\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n", "edition": 12, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-15T05:58:45", "title": "About the security content of tvOS 13.4.8 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9871", "CVE-2020-9884", "CVE-2020-9889", "CVE-2020-9905", "CVE-2020-9868", "CVE-2020-9874", "CVE-2020-9907", "CVE-2020-11761", "CVE-2020-9933", "CVE-2020-9862", "CVE-2020-9883", "CVE-2020-9984", "CVE-2020-9904", "CVE-2020-9894", "CVE-2020-11763", "CVE-2020-9914", "CVE-2020-11765", "CVE-2020-9901", "CVE-2020-9891", "CVE-2020-9876", "CVE-2020-9875", "CVE-2020-9910", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9938", "CVE-2020-9940", "CVE-2020-9888", "CVE-2020-9916", "CVE-2019-14899", "CVE-2020-9880", "CVE-2020-9877", "CVE-2020-9919", "CVE-2020-9865", "CVE-2020-11758", "CVE-2020-9863", "CVE-2020-6514", "CVE-2020-11760", "CVE-2020-9900", "CVE-2020-9879", "CVE-2020-9878", "CVE-2020-9893", "CVE-2020-9980", "CVE-2020-11759", "CVE-2020-11764", "CVE-2020-9915", "CVE-2020-11762", "CVE-2020-9936", "CVE-2020-9918", "CVE-2020-9902", "CVE-2020-9892", "CVE-2020-9909", "CVE-2020-9890", "CVE-2020-9872", "CVE-2020-9873", "CVE-2020-9937"], "modified": "2020-12-15T05:58:45", "id": "APPLE:HT211290", "href": "https://support.apple.com/kb/HT211290", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:41:44", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## watchOS 6.2.8\n\nReleased July 15, 2020\n\n**Audio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9884: Yu Zhou(@yuzhou6666) of \u5c0f\u9e21\u5e2e working with Trend Micro Zero Day Initiative\n\nCVE-2020-9889: Anonymous working with Trend Micro\u2019s Zero Day Initiative, JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nEntry updated August 10, 2020\n\n**Audio**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9888: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9890: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9891: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nEntry updated August 10, 2020\n\n**CoreGraphics**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro\n\nEntry added July 28, 2020, updated December 15, 2020\n\n**Crash Reporter**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud\n\n**Crash Reporter**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.\n\nCVE-2020-9900: Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group\n\nEntry added August 10, 2020\n\n**FontParser**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9980: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added September 21, 2020, updated October 19, 2020\n\n**GeoServices**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to read sensitive location information\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Multiple buffer overflow issues existed in openEXR\n\nDescription: Multiple issues in openEXR were addressed with improved checks.\n\nCVE-2020-11758: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11759: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11760: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11761: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11762: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11763: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11764: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11765: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9871: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9872: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9874: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9879: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nCVE-2020-9936: Mickey Jin of Trend Micro\n\nCVE-2020-9937: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nEntry updated August 10, 2020\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9919: Mickey Jin of Trend Micro\n\nEntry added July 28, 2020\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9876: Mickey Jin of Trend Micro\n\nEntry added July 28, 2020\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9984: an anonymous researcher\n\nEntry added July 28, 2020, updated September 21, 2020\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9877: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added August 10, 2020\n\n**ImageIO**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An integer overflow was addressed through improved input validation.\n\nCVE-2020-9875: Mickey Jin of Trend Micro\n\nEntry added August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2020-9923: Proteas\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9909: Brandon Azad of Google Project Zero\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2020-9904: Tielei Wang of Pangu Lab\n\nEntry added July 28, 2020\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2020-9863: Xinru Chi of Pangu Lab\n\nEntry updated August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: Multiple memory corruption issues were addressed with improved state management.\n\nCVE-2020-9892: Andy Nguyen of Google\n\nEntry added August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9902: Xinru Chi and Tielei Wang of Pangu Lab\n\nEntry added August 10, 2020\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious application may disclose restricted memory\n\nDescription: An information disclosure issue was addressed with improved state management.\n\nCVE-2020-9997: Catalin Valeriu Lita of SecurityScorecard\n\nEntry added September 21, 2020\n\n**Mail**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious mail server may overwrite arbitrary mail files\n\nDescription: A path handling issue was addressed with improved validation.\n\nCVE-2020-9920: YongYue Wang AKA BigChan of Hillstone Networks AF Team\n\nEntry added July 28, 2020\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A user that is removed from an iMessage group could rejoin the group\n\nDescription: An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification.\n\nCVE-2020-9885: an anonymous researcher, Suryansh Mansharamani, of WWP High School North (medium.com/@suryanshmansha)\n\n**Model I/O**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2020-9880: Holger Fuhrmannek of Deutsche Telekom Security\n\nEntry added September 21, 2020\n\n**Model I/O**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9878: Aleksandar Nikolic of Cisco Talos, Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9881: Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9882: Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9985: Holger Fuhrmannek of Deutsche Telekom Security\n\nEntry added September 21, 2020\n\n**Security**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An attacker may have been able to impersonate a trusted website using shared key material for an administrator added certificate\n\nDescription: A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation.\n\nCVE-2020-9868: Brian Wolff of Asana\n\nEntry added July 28, 2020\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n\nDescription: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.\n\nCVE-2020-9915: Ayoub AIT ELMOKHTAR of Noon\n\nEntry updated July 28, 2020\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-9925: an anonymous researcher\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative\n\nCVE-2020-9895: Wen Xu of SSLab, Georgia Tech\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: Multiple issues were addressed with improved logic.\n\nCVE-2020-9910: Samuel Gro\u00df of Google Project Zero\n\n**WebKit Page Loading**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A malicious attacker may be able to conceal the destination of a URL\n\nDescription: A URL Unicode encoding issue was addressed with improved state management.\n\nCVE-2020-9916: Rakesh Mane (@RakeshMane10)\n\n**WebKit Web Inspector**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Copying a URL from Web Inspector may lead to command injection\n\nDescription: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.\n\nCVE-2020-9862: Ophir Lojkine (@lovasoa)\n\n**WebRTC**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An attacker in a privileged network position may be able to cause heap corruption via a crafted SCTP stream\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2020-6514: Natalie Silvanovich of Google Project Zero\n\nEntry added September 21, 2020\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn)\n\n**Wi-Fi**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2020-9906: Ian Beer of Google Project Zero\n\nEntry added July 28, 2020\n\n\n\n## Additional recognition\n\n**CoreFoundation**\n\nWe would like to acknowledge Bobby Pelletier for their assistance.\n\nEntry added September 8, 2020\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n", "edition": 11, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-15T05:53:50", "title": "About the security content of watchOS 6.2.8 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9871", "CVE-2020-9884", "CVE-2020-9889", "CVE-2020-9868", "CVE-2020-9874", "CVE-2020-11761", "CVE-2020-9933", "CVE-2020-9862", "CVE-2020-9883", "CVE-2020-9885", "CVE-2020-9906", "CVE-2020-9984", "CVE-2020-9904", "CVE-2020-9894", "CVE-2020-11763", "CVE-2020-11765", "CVE-2020-9891", "CVE-2020-9876", "CVE-2020-9875", "CVE-2020-9910", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9938", "CVE-2020-9888", "CVE-2020-9916", "CVE-2020-9923", "CVE-2020-9880", "CVE-2020-9877", "CVE-2020-9919", "CVE-2020-9865", "CVE-2020-11758", "CVE-2020-9863", "CVE-2020-6514", "CVE-2020-11760", "CVE-2020-9900", "CVE-2020-9879", "CVE-2020-9878", "CVE-2020-9893", "CVE-2020-9920", "CVE-2020-9985", "CVE-2020-9980", "CVE-2020-11759", "CVE-2020-9882", "CVE-2020-11764", "CVE-2020-9915", "CVE-2020-11762", "CVE-2020-9936", "CVE-2020-9918", "CVE-2020-9902", "CVE-2020-9881", "CVE-2020-9892", "CVE-2020-9997", "CVE-2020-9909", "CVE-2020-9890", "CVE-2020-9872", "CVE-2020-9873", "CVE-2020-9937"], "modified": "2020-12-15T05:53:50", "id": "APPLE:HT211291", "href": "https://support.apple.com/kb/HT211291", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:53", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## iOS 13.6 and iPadOS 13.6\n\nReleased July 15, 2020\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9888: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9890: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9891: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nEntry updated August 5, 2020\n\n**Audio**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted audio file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9884: Yu Zhou(@yuzhou6666) of \u5c0f\u9e21\u5e2e working with Trend Micro Zero Day Initiative\n\nCVE-2020-9889: Anonymous working with Trend Micro\u2019s Zero Day Initiative, JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab\n\nEntry updated August 5, 2020\n\n**AVEVideoEncoder**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2020-9907: 08Tc3wBB working with ZecOps\n\nEntry added July 24, 2020, updated August 31, 2020\n\n**Bluetooth**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may cause an unexpected application termination\n\nDescription: A denial of service issue was addressed with improved input validation.\n\nCVE-2020-9931: Dennis Heinze (@ttdennis) of TU Darmstadt, Secure Mobile Networking Lab\n\n**CoreFoundation**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local user may be able to view sensitive user information\n\nDescription: An issue existed in the handling of environment variables. This issue was addressed with improved validation.\n\nCVE-2020-9934: Matt Shockley (linkedin.com/in/shocktop)\n\nEntry updated August 5, 2020\n\n**CoreGraphics**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro\n\nEntry added July 24, 2020, updated December 15, 2020\n\n**Crash Reporter**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to break out of its sandbox\n\nDescription: A memory corruption issue was addressed by removing the vulnerable code.\n\nCVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud\n\n**Crash Reporter**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.\n\nCVE-2020-9900: Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group\n\nEntry added August 5, 2020\n\n**FontParser**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted font file may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9980: Xingwei Lin of Ant Security Light-Year Lab\n\nEntry added September 21, 2020, updated October 19, 2020\n\n**GeoServices**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to read sensitive location information\n\nDescription: An authorization issue was addressed with improved state management.\n\nCVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.\n\n**iAP**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker in a privileged network position may be able to perform denial of service attack using malformed Bluetooth packets\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2020-9914: Andy Davis of NCC Group\n\nEntry updated July 24, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Multiple buffer overflow issues existed in openEXR\n\nDescription: Multiple issues in openEXR were addressed with improved checks.\n\nCVE-2020-11758: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11759: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11760: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11761: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11762: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11763: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11764: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-11765: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9871: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9872: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9874: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9879: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nCVE-2020-9936: Mickey Jin of Trend Micro\n\nCVE-2020-9937: Xingwei Lin of Ant-Financial Light-Year Security Lab\n\nEntry updated August 5, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9919: Mickey Jin of Trend Micro\n\nEntry added July 24, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2020-9876: Mickey Jin of Trend Micro\n\nEntry added July 24, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nCVE-2020-9984: an anonymous researcher\n\nEntry added July 24, 2020, updated September 21, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9877: Xingwei Lin of Ant-financial Light-Year Security Lab\n\nEntry added August 5, 2020\n\n**ImageIO**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted image may lead to arbitrary code execution\n\nDescription: An integer overflow was addressed through improved input validation.\n\nCVE-2020-9875: Mickey Jin of Trend Micro\n\nEntry added August 5, 2020\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2020-9923: Proteas\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel\n\nDescription: A routing issue was addressed with improved restrictions.\n\nCVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9909: Brandon Azad of Google Project Zero\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2020-9904: Tielei Wang of Pangu Lab\n\nEntry added July 24, 2020\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2020-9863: Xinru Chi of Pangu Lab\n\nEntry updated August 5, 2020\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: Multiple memory corruption issues were addressed with improved state management.\n\nCVE-2020-9892: Andy Nguyen of Google\n\nEntry added July 24, 2020\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious application may be able to determine kernel memory layout\n\nDescription: An out-of-bounds read was addressed with improved bounds checking.\n\nCVE-2020-9902: Xinru Chi and Tielei Wang of Pangu Lab\n\nEntry added August 5, 2020\n\n**Kernel**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2020-9905: Raz Mashat (@RazMashat) of ZecOps\n\nEntry added August 5, 2020\n\n**Mail**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An out-of-bounds write issue was addressed with improved bounds checking.\n\nCVE-2019-19906\n\nEntry added July 24, 2020, updated September 8, 2020\n\n**Mail**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious mail server may overwrite arbitrary mail files\n\nDescription: A path handling issue was addressed with improved validation.\n\nCVE-2020-9920: YongYue Wang AKA BigChan of Hillstone Networks AF Team\n\nEntry added July 24, 2020\n\n**Messages**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A user that is removed from an iMessage group could rejoin the group\n\nDescription: An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification.\n\nCVE-2020-9885: an anonymous researcher, Suryansh Mansharamani of WWP High School North (medium.com/@suryanshmansha)\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2020-9878: Aleksandar Nikolic of Cisco Talos, Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9881: Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9882: Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9940: Holger Fuhrmannek of Deutsche Telekom Security\n\nCVE-2020-9985: Holger Fuhrmannek of Deutsche Telekom Security\n\nEntry updated September 21, 2020\n\n**Model I/O**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow was addressed with improved bounds checking.\n\nCVE-2020-9880: Holger Fuhrmannek of Deutsche Telekom Security\n\nEntry added September 21, 2020\n\n**Safari Login AutoFill**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious attacker may cause Safari to suggest a password for the wrong domain\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2020-9903: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)\n\n**Safari Reader**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An issue in Safari Reader mode may allow a remote attacker to bypass the Same Origin Policy\n\nDescription: A logic issue was addressed with improved restrictions.\n\nCVE-2020-9911: Nikhil Mittal (@c0d3G33k) of Payatu Labs (payatu.com)\n\n**Security**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker may have been able to impersonate a trusted website using shared key material for an administrator added certificate\n\nDescription: A certificate validation issue existed when processing administrator added certificates. This issue was addressed with improved certificate validation.\n\nCVE-2020-9868: Brian Wolff of Asana\n\nEntry added July 24, 2020\n\n**sysdiagnose**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A local attacker may be able to elevate their privileges\n\nDescription: An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization.\n\nCVE-2020-9901: Tim Michaud (@TimGMichaud) of Leviathan, Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group\n\nEntry added August 5, 2020, updated August 31, 2020\n\n**WebDAV**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A sandboxed process may be able to circumvent sandbox restrictions\n\nDescription: This issue was addressed with improved entitlements.\n\nCVE-2020-9898: Sreejith Krishnan R (@skr0x1C0)\n\nEntry added September 8, 2020\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced\n\nDescription: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.\n\nCVE-2020-9915: Ayoub AIT ELMOKHTAR of Noon\n\nEntry updated July 24, 2020\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative\n\nCVE-2020-9895: Wen Xu of SSLab, Georgia Tech\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2020-9925: an anonymous researcher\n\n**WebKit**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication\n\nDescription: Multiple issues were addressed with improved logic.\n\nCVE-2020-9910: Samuel Gro\u00df of Google Project Zero\n\n**WebKit Page Loading**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A malicious attacker may be able to conceal the destination of a URL\n\nDescription: A URL Unicode encoding issue was addressed with improved state management.\n\nCVE-2020-9916: Rakesh Mane (@RakeshMane10)\n\n**WebKit Web Inspector**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: Copying a URL from Web Inspector may lead to command injection\n\nDescription: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.\n\nCVE-2020-9862: Ophir Lojkine (@lovasoa)\n\n**WebRTC**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: An attacker in a privileged network position may be able to cause heap corruption via a crafted SCTP stream\n\nDescription: A memory corruption issue was addressed with improved state management.\n\nCVE-2020-6514: Natalie Silvanovich of Google Project Zero\n\nEntry added September 21, 2020\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn)\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2020-9906: Ian Beer of Google Project Zero\n\nEntry added July 24, 2020\n\n**Wi-Fi**\n\nAvailable for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch (7th generation)\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2020-9917: Pradeep Deokate of Harman, Stefan B\u00f6hrer at Daimler AG, proofnet.de\n\nEntry updated July 24, 2020\n\n\n\n## Additional recognition\n\n**Bluetooth**\n\nWe would like to acknowledge Andy Davis of NCC Group for their assistance.\n\n**CoreFoundation**\n\nWe would like to acknowledge Bobby Pelletier for their assistance.\n\nEntry added September 8, 2020\n\n**ImageIO**\n\nWe would like to acknowledge Xingwei Lin of Ant-financial Light-Year Security Lab for their assistance.\n\nEntry added September 21, 2020\n\n**Kernel**\n\nWe would like to acknowledge Brandon Azad of Google Project Zero for their assistance.\n\n**USB Audio**\n\nWe would like to acknowledge Andy Davis of NCC Group for their assistance.\n", "edition": 12, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-15T05:18:44", "title": "About the security content of iOS 13.6 and iPadOS 13.6 - Apple Support", "type": "apple", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9871", "CVE-2019-19906", "CVE-2020-9884", "CVE-2020-9889", "CVE-2020-9905", "CVE-2020-9868", "CVE-2020-9874", "CVE-2020-9907", "CVE-2020-11761", "CVE-2020-9933", "CVE-2020-9862", "CVE-2020-9883", "CVE-2020-9885", "CVE-2020-9906", "CVE-2020-9984", "CVE-2020-9904", "CVE-2020-9894", "CVE-2020-11763", "CVE-2020-9914", "CVE-2020-11765", "CVE-2020-9901", "CVE-2020-9891", "CVE-2020-9876", "CVE-2020-9903", "CVE-2020-9875", "CVE-2020-9910", "CVE-2020-9925", "CVE-2020-9898", "CVE-2020-9895", "CVE-2020-9911", "CVE-2020-9938", "CVE-2020-9940", "CVE-2020-9888", "CVE-2020-9934", "CVE-2020-9916", "CVE-2020-9923", "CVE-2019-14899", "CVE-2020-9880", "CVE-2020-9877", "CVE-2020-9917", "CVE-2020-9919", "CVE-2020-9865", "CVE-2020-11758", "CVE-2020-9863", "CVE-2020-6514", "CVE-2020-11760", "CVE-2020-9931", "CVE-2020-9900", "CVE-2020-9879", "CVE-2020-9878", "CVE-2020-9893", "CVE-2020-9920", "CVE-2020-9985", "CVE-2020-9980", "CVE-2020-11759", "CVE-2020-9882", "CVE-2020-11764", "CVE-2020-9915", "CVE-2020-11762", "CVE-2020-9936", "CVE-2020-9918", "CVE-2020-9902", "CVE-2020-9881", "CVE-2020-9892", "CVE-2020-9909", "CVE-2020-9890", "CVE-2020-9872", "CVE-2020-9873", "CVE-2020-9937"], "modified": "2020-12-15T05:18:44", "id": "APPLE:HT211288", "href": "https://support.apple.com/kb/HT211288", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2020-10-29T19:17:35", "description": "### *Detect date*:\n08/10/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Apple iCloud. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, execute arbitrary code, cause denial of service, perform cross-site scripting attack, spoof user interface.\n\n### *Affected products*:\nApple iCloud earlier than 7.20\n\n### *Solution*:\nUpdate to the latest version \n[Download iCloud](<https://support.apple.com/kb/HT204283>)\n\n### *Original advisories*:\n[About the security content of iCloud for Windows 7.20](<https://support.apple.com/kb/HT211295>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iCloud](<https://threats.kaspersky.com/en/product/Apple-iCloud/>)\n\n### *CVE-IDS*:\n[CVE-2020-9910](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9910>)0.0Unknown \n[CVE-2020-9894](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9894>)0.0Unknown \n[CVE-2020-9938](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9938>)0.0Unknown \n[CVE-2020-9877](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9877>)0.0Unknown \n[CVE-2020-9879](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9879>)0.0Unknown \n[CVE-2020-9871](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9871>)0.0Unknown \n[CVE-2020-9919](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9919>)0.0Unknown \n[CVE-2020-9876](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9876>)0.0Unknown \n[CVE-2020-9875](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9875>)0.0Unknown \n[CVE-2020-9895](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9895>)0.0Unknown \n[CVE-2020-9874](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9874>)0.0Unknown \n[CVE-2020-9936](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9936>)0.0Unknown \n[CVE-2020-9862](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9862>)0.0Unknown \n[CVE-2020-9872](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9872>)0.0Unknown \n[CVE-2020-9873](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9873>)0.0Unknown \n[CVE-2020-9925](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9925>)0.0Unknown \n[CVE-2020-9937](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9937>)0.0Unknown \n[CVE-2020-9916](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9916>)0.0Unknown \n[CVE-2020-9915](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9915>)0.0Unknown \n[CVE-2020-9893](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9893>)0.0Unknown", "edition": 3, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-08-10T00:00:00", "title": "\r KLA11926Multiple vulnerabilities in Apple iCloud ", "type": "kaspersky", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-9871", "CVE-2020-9874", "CVE-2020-9862", "CVE-2020-9894", "CVE-2020-9876", "CVE-2020-9875", "CVE-2020-9910", "CVE-2020-9925", "CVE-2020-9895", "CVE-2020-9938", "CVE-2020-9916", "CVE-2020-9877", "CVE-2020-9919", "CVE-2020-9879", "CVE-2020-9893", "CVE-2020-9915", "CVE-2020-9936", "CVE-2020-9872", "CVE-2020-9873", "CVE-2020-9937"], "modified": "2020-08-18T00:00:00", "id": "KLA11926", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11926", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "almalinux": [{"lastseen": "2021-07-30T15:48:05", "description": "GNOME is the default desktop environment of AlmaLinux.\n\nThe following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)\n\nSecurity Fix(es):\n\n* webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)\n\n* gnome-settings-daemon: AlmaLinux Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n* LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-03T12:05:56", "type": "almalinux", "title": "Moderate: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2021-07-30T12:33:04", "id": "ALSA-2020:4451", "href": "https://errata.almalinux.org/8/ALSA-2020-4451.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-30T06:24:38", "description": "dleyna-renderer\n[0.6.0-3]\n- Add a manual\nResolves: #1612579\nfrei0r-plugins\n[1.6.1-7]\n- Rebuild with newer annobin to fix rpmdiff problems\n- Fix the build with a newer opencv\n- Resolves: rhbz#1703994\ngdm\n[3.28.3-34]\n- Fix file descriptor leak\n Resolves: #1877853\n[3.28.3-33]\n- Fix problem with Xorg fallback\n Resolves: #1868260\n[3.28.3-32]\n- Add dconf db to file manifest\n Related: #1833158\n[3.28.3-31]\n- add back gdm system db to dconf profile\n Resolves: #1833158\n[3.28.3-30]\n- Make sure login screen is killed during login\n Resolves: #1618481\ngnome-control-center\n[3.28.2-22]\n- Categorize Infiniband devices correctly\n Resolves: #1826379\n[3.28.2-21]\n- Honor sound theme changes when changing from the default theme\n- Resolves: #1706008\n[3.28.2-20]\n- Fix 90min automatic sleep option to not last 80min\n- Resolves: #1706076\ngnome-photos\n[3.28.1-3]\n- Disable Python 2 during the build - itstool doesnt need it anymore\nResolves: #1597806\n[3.28.1-2]\n- rebuild\ngnome-remote-desktop\n[0.1.8-3]\n- Backport cursor only frame fixes\n Related: #1837406\n[0.1.8-2]\n- Dont crash on metadata only buffers\n Resolves: #1847062\n[0.1.8-1]\n- Rebase to 0.1.8\n Resolves: #1837406\ngnome-session\n[3.28.1-10.0.1]\n- Update kiosk-session subpackage with Oracle references [Orabug: 32095108]\n[3.28.1-10]\n- Show cursor explicitly from session selector\n Resolves: #1624430\n[3.28.1-9]\n- Add kiosk-session subpackage to help users set up RHEL for\n kiosk/point-of-sale use.\n Resolves: #1739556\ngnome-settings-daemon\n[3.32.0-11]\n- Remove subman plugin for now\n Resolves: #1872457\n[3.32.0-10]\n- Disable subman plugin on CentOS\n Resolves: #1827030\ngnome-shell\n[3.32.2-20]\n- Fix popupMenu keynav when NumLock is active\n Resolves: #1840080\n[3.32.2-19]\n- Fix last backport\n Resolves: #1847051\n[3.32.2-18]\n- Fix more spurious allocation warnings\n Resolves: #1715845\n[3.32.2-17]\n- Really allow using perf-tool on wayland\n Resolves: #1652178\n- Fix timed login without user list\n Resolves: #1668895\n- Fix HighContrast/symbolic icon mixup\n Resolves: #1794045\n- Backport introspect API changes\n Resolves: #1837413\n[3.32.2-16]\n- Drop bad upstream patch\n Resolves: #1820760\n[3.32.2-15]\n- Improve performance under load\n Resolves: #1820760\ngnome-shell-extensions\n[3.32.1-11]\n- Adjust dash-to-dock for classic backports\n Resolves: #1805929\n- Fix inconsistent state in window-list prefs dialog\n Resolves: #1824362\ngnome-terminal\n[3.28.3-2]\n- Add a manual\n- Resolves: #1612688\ngsettings-desktop-schemas\n[3.32.0-5]\n- Recommend DejaVu Sans Mono font as the default monospace font\n Resolves: #1656262\ngtk3\n[3.22.30-6]\n- Fix reuse of list box header widgets (#rhbz1843486)\ngtk-doc\n[1.28-2]\n- Backport a patch to fix x86_64/i686 differences in generated documentation\n- Resolves: #1634770\ngvfs\n[1.36.2-10]\n- Fix libusb(x) requirements (rhbz#1866332)\n[1.36.2-9]\n- Improve enumeration performance of smb backend (rhbz#1569868)\nLibRaw\n[0.19.5-2]\n- Backport fix for CVE-2020-15503 from Fedora\nResolves: #1853529\nlibsoup\n[2.62.3-2]\n- Some WebSocket fixes to unbreak cockpit-desktop (rhbz#1872270)\nmutter\n[3.32.2-48]\n- Fix GLX stereo buffer rebase error\n Resolves: #1880339\n[3.32.2-47]\n- Fix screen sharing on wayland\n Resolves: #1873963\n[3.32.2-46]\n- Handle cursor only screen cast frames better\n Related: #1837381\n[3.32.2-45]\n- Handle GPU unplug gracefully\n Resolves: #1846191\n[3.32.2-44]\n- Dont show widow actor until explictly shown\n Resolves: #1719937\n[3.32.2-43]\n- Only treat WM_PROTOCOLS messages as WM_PROTOCOL messages\n Resolves: #1847203\n[3.32.2-42]\n- Dont pass DMA buffers if they cant be mmap():ed\n Related: #1847062\n[3.32.2-41]\n- Backport is_rendering_hardware_acclerated() API\n Related: #1837381\n[3.32.2-40]\n- Fix DMA buffer memory leak\n Related: #1837381\n[3.32.2-39]\n- Fix incorrect pipewire dependency version\n Related: #1837381\n[3.32.2-38]\n- Backport screen cast and remote desktop improvements\n Resolves: #1837381\n[3.32.2-37]\n- Fix corrupted background after suspend\n Resolves: #1828162\nnautilus\n[3.28.1-14]\n- Fix broken tracker query under certain locales (rhbz#1847061)\n[3.28.1-13]\n- Clear selection if any files dont match the pattern (rhbz#1207179)\n- Fix endless content size calculations (rhbz#1566027)\n- Honor umask when creating new files (rhbz#1778579)\n- Close 'There is no application...' dialog after response (rhbz#1816070)\nPackageKit\n[1.1.12-6.0.1]\n- removed rhel-Vendor.conf.patch\n[1.1.12-6]\n- Fix documentation links in Vendor.conf\n- Resolves: #1837648\n[1.1.12-5]\n- Do not shutdown the daemon on idle\n- Resolves: #1814820\npipewire0.2\n[0.2.7-6]\n- Fix Conflicts: line\n- Remove Recommends: line, its wrong\n- Resolves: rhbz#1832347\n[0.2.7-5]\n- Fix Conflicts: line\n- Resolves: rhbz#1832347\n[0.2.7-4]\n- Add gating file\n- Resolves: rhbz#1832347\n[0.2.7-3]\n- Change source URL\n- Resolves: rhbz#1832347\n[0.2.7-2]\n- Add compat -devel package\n[0.2.7-1]\n- First version\n- Fix bluez5 plugins build\npipewire\n[0.3.6-1]\n- Update to 0.3.6\n- Resolves: rhbz#1832347\n[0.3.5-3]\n- Rebuild\n- Resolves: rhbz#1832347\n[0.3.5-2]\n- Disable vulkan\n- Resolves: rhbz#1832347\n[0.3.5-1]\n- Update to 0.3.5\n- Disable pulse and jack\n- Add patch to work with meson 0.49\n- Add patch to fix neon compilation\n- Resolves: rhbz#1832347\npotrace\n[1.15-3]\n- Fixing build for flatpak (rhbz#1840788)\npygobject3\n[3.28.3-2]\n- Add lock to avoid two type object wrappers getting generated at\n the same time in multi-threaded programs.\n Resolves: #1844578\ntracker\n[2.1.5-2]\n- Rebuild to include tracker-devel in CRB\n- Resolves: #1758891\nvte291\n[0.52.4-2]\n- Avoid overriding -fno-exceptions\nResolves: #1804719\n[0.52.4-1]\n- Update to 0.52.4\nResolves: #1804719\nwebkit2gtk3\n[2.28.4-1]\n- Update to 2.28.4\n- Related: #1817143\n[2.28.2-2]\n- Related: rhbz#1817143 Properly remove webkit2gtk3-plugin-process-gtk2 package\n[2.28.2-1]\n- Resolves: rhbz#1817143 Update to 2.28.2\nwebrtc-audio-processing\n[0.3-9]\n- Rebuild to address Annobin coverage issues\nResolves: #1704148\nxdg-desktop-portal\n[1.6.0-2]\n- Require pipewire0.2-libs for legacy application support.\n Resolves: #1854734\n[1.6.0-1]\n- Rebase to 1.6.0 (#1775345)\n- Backport PipeWire 0.3 support (#1775345)\n- Backport fixes (#1775345)\nxdg-desktop-portal-gtk\n[1.6.0-1]\n- Rebase to 1.6.0 (#1837413)\n- Bump supported Mutter screen cast API version (#1837413)\n- Backport bugfix (#1837413)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "oraclelinux", "title": "GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2020-11-10T00:00:00", "id": "ELSA-2020-4451", "href": "http://linux.oracle.com/errata/ELSA-2020-4451.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-07-30T06:35:45", "description": "GNOME is the default desktop environment of Red Hat Enterprise Linux.\n\nThe following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)\n\nSecurity Fix(es):\n\n* webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)\n\n* gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n* LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-03T17:05:56", "type": "redhat", "title": "(RHSA-2020:4451) Moderate: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2020-11-04T05:03:54", "id": "RHSA-2020:4451", "href": "https://access.redhat.com/errata/RHSA-2020:4451", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:36:23", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\nThe compliance-operator image updates are now available for OpenShift Container Platform 4.6.\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Aggregator pod tries to parse ConfigMaps without results (BZ#1899479)\n\n* The compliancesuite object returns error with ocp4-cis tailored profile (BZ#1902251)\n\n* The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object (BZ#1902634)\n\n* [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object (BZ#1907414)\n\n* The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator (BZ#1908991)\n\n* Applying the \"rhcos4-moderate\" compliance profile leads to Ignition error \"something else exists at that path\" (BZ#1909081)\n\n* [OCP v46] Always update the default profilebundles on Compliance operator startup (BZ#1909122)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2021-01-19T18:29:21", "type": "redhat", "title": "(RHSA-2021:0190) Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16935", "CVE-2019-19906", "CVE-2019-20907", "CVE-2019-8815", "CVE-2020-3899", "CVE-2019-8844", "CVE-2020-10018", "CVE-2019-8769", "CVE-2020-3902", "CVE-2019-20388", "CVE-2019-8782", "CVE-2020-9803", "CVE-2019-20218", "CVE-2019-8743", "CVE-2020-3885", "CVE-2019-13627", "CVE-2020-9862", "CVE-2019-20387", "CVE-2020-27813", "CVE-2019-8820", "CVE-2019-16168", "CVE-2020-13632", "CVE-2020-9805", "CVE-2020-3895", "CVE-2020-9894", "CVE-2019-17450", "CVE-2019-8808", "CVE-2020-9806", "CVE-2019-8771", "CVE-2019-14889", "CVE-2020-14391", "CVE-2019-8816", "CVE-2019-20916", "CVE-2020-11793", "CVE-2019-15165", "CVE-2019-19221", "CVE-2019-8819", "CVE-2020-9327", "CVE-2020-3865", "CVE-2020-10029", "CVE-2020-14422", "CVE-2020-9925", "CVE-2020-15503", "CVE-2020-3897", "CVE-2019-8764", "CVE-2019-8823", "CVE-2020-13631", "CVE-2020-9895", "CVE-2019-5018", "CVE-2019-8846", "CVE-2020-14382", "CVE-2020-9802", "CVE-2020-3862", "CVE-2020-1971", "CVE-2019-8766", "CVE-2020-24659", "CVE-2019-8720", "CVE-2020-3867", "CVE-2019-8813", "CVE-2020-3901", "CVE-2020-7595", "CVE-2020-13630", "CVE-2019-18197", "CVE-2020-1751", "CVE-2020-3900", "CVE-2020-9850", "CVE-2019-8811", "CVE-2019-20454", "CVE-2019-20807", "CVE-2020-9807", "CVE-2019-19956", "CVE-2020-1730", "CVE-2019-8835", "CVE-2019-8625", "CVE-2020-9893", "CVE-2020-9843", "CVE-2018-20843", "CVE-2019-15903", "CVE-2020-9915", "CVE-2019-8783", "CVE-2020-1752", "CVE-2020-3894", "CVE-2019-13050", "CVE-2020-8492", "CVE-2019-8710", "CVE-2019-8812", "CVE-2020-3864", "CVE-2020-6405", "CVE-2019-8814", "CVE-2020-3868", "CVE-2020-8177", "CVE-2019-1551", "CVE-2019-11068"], "modified": "2021-01-19T18:35:34", "id": "RHSA-2021:0190", "href": "https://access.redhat.com/errata/RHSA-2021:0190", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:36:18", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThe compliance-operator image updates are now available for OpenShift Container Platform 4.6.\n\nThis advisory provides the following updates among others:\n\n* Enhances profile parsing time.\n* Fixes excessive resource consumption from the Operator.\n* Fixes default content image.\n* Fixes outdated remediation handling.\n\nSecurity Fix(es):\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2021-02-16T18:11:07", "type": "redhat", "title": "(RHSA-2021:0436) Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16935", "CVE-2019-19906", "CVE-2019-20907", "CVE-2019-8815", "CVE-2020-3899", "CVE-2019-8844", "CVE-2020-10018", "CVE-2019-8769", "CVE-2020-3902", "CVE-2019-20388", "CVE-2019-8782", "CVE-2020-9803", "CVE-2019-20218", "CVE-2019-8743", "CVE-2020-3885", "CVE-2019-13627", "CVE-2020-9862", "CVE-2019-20387", "CVE-2019-8820", "CVE-2019-16168", "CVE-2020-13632", "CVE-2020-9805", "CVE-2020-3895", "CVE-2020-9894", "CVE-2019-8808", "CVE-2020-9806", "CVE-2019-8771", "CVE-2019-14889", "CVE-2020-14391", "CVE-2019-8816", "CVE-2019-20916", "CVE-2020-11793", "CVE-2019-15165", "CVE-2019-19221", "CVE-2019-8819", "CVE-2020-9327", "CVE-2020-3865", "CVE-2020-10029", "CVE-2020-14422", "CVE-2020-9925", "CVE-2020-15503", "CVE-2020-3897", "CVE-2019-8764", "CVE-2019-8823", "CVE-2020-13631", "CVE-2020-9895", "CVE-2019-5018", "CVE-2019-8846", "CVE-2020-14382", "CVE-2020-9802", "CVE-2020-3862", "CVE-2020-1971", "CVE-2019-8766", "CVE-2020-24659", "CVE-2019-8720", "CVE-2020-3867", "CVE-2019-8813", "CVE-2020-3901", "CVE-2020-7595", "CVE-2020-13630", "CVE-2019-18197", "CVE-2020-1751", "CVE-2020-3900", "CVE-2020-9850", "CVE-2019-8811", "CVE-2019-20454", "CVE-2019-20807", "CVE-2019-20386", "CVE-2020-9807", "CVE-2019-19956", "CVE-2020-1730", "CVE-2019-8835", "CVE-2019-8625", "CVE-2020-9893", "CVE-2020-28362", "CVE-2020-9843", "CVE-2018-20843", "CVE-2019-15903", "CVE-2020-9915", "CVE-2019-8783", "CVE-2020-1752", "CVE-2020-3894", "CVE-2019-13050", "CVE-2020-8492", "CVE-2019-8710", "CVE-2019-8812", "CVE-2020-3864", "CVE-2020-6405", "CVE-2019-8814", "CVE-2020-3868", "CVE-2020-8177", "CVE-2019-1551", "CVE-2019-11068"], "modified": "2021-02-16T18:11:50", "id": "RHSA-2021:0436", "href": "https://access.redhat.com/errata/RHSA-2021:0436", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:51", "description": "This release of Red Hat Quay v3.3.3 includes:\n\nSecurity Update(s):\n\n* quay: persistent XSS in repository notification display (CVE-2020-27832)\n\n* quay: email notifications authorization bypass (CVE-2020-27831)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nBug Fix(es):\n* NVD feed fixed in Clair-v2 (clair-jwt image)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-11T12:29:40", "type": "redhat", "title": "(RHSA-2021:0050) Moderate: Red Hat Quay v3.3.3 bug fix and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16935", "CVE-2019-19906", "CVE-2019-20907", "CVE-2019-8815", "CVE-2020-3899", "CVE-2019-8844", "CVE-2020-10018", "CVE-2019-8769", "CVE-2020-3902", "CVE-2019-20388", "CVE-2019-8782", "CVE-2020-9803", "CVE-2019-20218", "CVE-2019-8743", "CVE-2020-3885", "CVE-2019-13627", "CVE-2020-9862", "CVE-2019-20387", "CVE-2019-8820", "CVE-2019-16168", "CVE-2020-13632", "CVE-2020-9805", "CVE-2020-3895", "CVE-2020-9894", "CVE-2019-8808", "CVE-2020-9806", "CVE-2019-8771", "CVE-2019-14889", "CVE-2020-14391", "CVE-2019-8816", "CVE-2019-20916", "CVE-2020-11793", "CVE-2019-15165", "CVE-2019-19221", "CVE-2019-8819", "CVE-2020-9327", "CVE-2020-3865", "CVE-2020-10029", "CVE-2020-14422", "CVE-2020-9925", "CVE-2020-15503", "CVE-2020-3897", "CVE-2019-8764", "CVE-2019-8823", "CVE-2020-13631", "CVE-2020-9895", "CVE-2019-5018", "CVE-2019-8846", "CVE-2020-14382", "CVE-2020-27831", "CVE-2020-9802", "CVE-2020-3862", "CVE-2020-1971", "CVE-2019-8766", "CVE-2020-24659", "CVE-2020-27832", "CVE-2019-8720", "CVE-2020-3867", "CVE-2019-8813", "CVE-2020-3901", "CVE-2020-7595", "CVE-2020-13630", "CVE-2020-1751", "CVE-2020-3900", "CVE-2020-9850", "CVE-2019-8811", "CVE-2019-20454", "CVE-2019-20807", "CVE-2020-9807", "CVE-2019-19956", "CVE-2020-1730", "CVE-2019-8835", "CVE-2019-8625", "CVE-2020-9893", "CVE-2020-9843", "CVE-2018-20843", "CVE-2019-15903", "CVE-2020-9915", "CVE-2019-8783", "CVE-2020-1752", "CVE-2020-3894", "CVE-2019-13050", "CVE-2020-8492", "CVE-2019-8710", "CVE-2019-8812", "CVE-2020-3864", "CVE-2020-6405", "CVE-2019-8814", "CVE-2020-3868"], "modified": "2021-01-11T12:30:20", "id": "RHSA-2021:0050", "href": "https://access.redhat.com/errata/RHSA-2021:0050", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:37:14", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.7.0. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHEA-2020:5633\n\nAll OpenShift Container Platform users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n-between-minor.html#understanding-upgrade-channels_updating-cluster-between\n-minor.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-24T19:47:52", "type": "redhat", "title": "(RHSA-2020:5635) Moderate: OpenShift Container Platform 4.7.0 extras and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-3884", "CVE-2019-16935", "CVE-2019-19906", "CVE-2019-20907", "CVE-2019-8815", "CVE-2020-3899", "CVE-2019-8844", "CVE-2020-10018", "CVE-2019-8769", "CVE-2020-3902", "CVE-2019-20388", "CVE-2019-8782", "CVE-2020-9803", "CVE-2019-20218", "CVE-2020-29652", "CVE-2019-8743", "CVE-2020-3885", "CVE-2019-13627", "CVE-2020-9862", "CVE-2019-20387", "CVE-2020-15999", "CVE-2019-8820", "CVE-2019-16168", "CVE-2020-13632", "CVE-2020-9805", "CVE-2020-3895", "CVE-2020-9894", "CVE-2019-17450", "CVE-2019-8808", "CVE-2020-9806", "CVE-2019-8771", "CVE-2019-14889", "CVE-2020-14391", "CVE-2021-3121", "CVE-2020-25658", "CVE-2019-8816", "CVE-2019-20916", "CVE-2020-11793", "CVE-2019-15165", "CVE-2019-19221", "CVE-2019-8819", "CVE-2020-9327", "CVE-2020-3898", "CVE-2020-8624", "CVE-2020-3865", "CVE-2020-10029", "CVE-2020-14422", "CVE-2020-8566", "CVE-2020-9925", "CVE-2020-15503", "CVE-2020-3897", "CVE-2019-8764", "CVE-2019-8823", "CVE-2020-13631", "CVE-2020-9895", "CVE-2019-5018", "CVE-2019-8846", "CVE-2020-25211", "CVE-2020-14382", "CVE-2020-9802", "CVE-2020-3862", "CVE-2020-1971", "CVE-2019-8766", "CVE-2020-24659", "CVE-2019-8720", "CVE-2020-8622", "CVE-2020-3867", "CVE-2019-8813", "CVE-2020-8619", "CVE-2020-3901", "CVE-2020-7595", "CVE-2020-13630", "CVE-2019-13225", "CVE-2020-8623", "CVE-2020-1751", "CVE-2020-3900", "CVE-2020-9850", "CVE-2020-15157", "CVE-2019-8811", "CVE-2019-20454", "CVE-2020-24750", "CVE-2019-20807", "CVE-2020-9807", "CVE-2019-19956", "CVE-2020-1730", "CVE-2019-8835", "CVE-2020-14040", "CVE-2019-8625", "CVE-2020-9893", "CVE-2020-9843", "CVE-2018-20843", "CVE-2019-15903", "CVE-2020-9915", "CVE-2019-8783", "CVE-2020-1752", "CVE-2020-3894", "CVE-2019-13050", "CVE-2020-8492", "CVE-2019-8710", "CVE-2019-8812", "CVE-2020-3864", "CVE-2020-6405", "CVE-2019-8814", "CVE-2020-3868", "CVE-2019-17546"], "modified": "2021-03-02T22:28:43", "id": "RHSA-2020:5635", "href": "https://access.redhat.com/errata/RHSA-2020:5635", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:35:43", "description": "Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API.\n\nThese updated images include numerous security fixes, bug fixes, and enhancements. \n\nSecurity Fix(es):\n\n* nodejs-node-forge: prototype pollution via the util.setPath function (CVE-2020-7720)\n\n* nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS (CVE-2020-8237)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUsers are directed to the Red Hat OpenShift Container Storage Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.6/html/4.6_release_notes/index\n\nAll Red Hat OpenShift Container Storage users are advised to upgrade to\nthese updated images.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-17T10:33:21", "type": "redhat", "title": "(RHSA-2020:5605) Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16845", "CVE-2019-16935", "CVE-2020-25660", "CVE-2019-19906", "CVE-2019-20907", "CVE-2019-8815", "CVE-2020-8237", "CVE-2020-3899", "CVE-2019-8844", "CVE-2020-10018", "CVE-2020-14019", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2019-8769", "CVE-2020-3902", "CVE-2018-10103", "CVE-2019-20388", "CVE-2019-8782", "CVE-2020-9803", "CVE-2019-20218", "CVE-2019-8743", "CVE-2020-3885", "CVE-2019-13627", "CVE-2020-9862", "CVE-2019-20387", "CVE-2018-14467", "CVE-2019-8820", "CVE-2019-16168", "CVE-2020-13632", "CVE-2020-9805", "CVE-2018-10105", "CVE-2020-3895", "CVE-2020-9894", "CVE-2019-8808", "CVE-2020-9806", "CVE-2019-8771", "CVE-2019-14889", "CVE-2020-14391", "CVE-2020-7720", "CVE-2018-16229", "CVE-2019-8816", "CVE-2018-16452", "CVE-2019-20916", "CVE-2018-14466", "CVE-2020-11793", "CVE-2019-15165", "CVE-2019-19221", "CVE-2019-8819", "CVE-2020-9327", "CVE-2020-3865", "CVE-2020-10029", "CVE-2018-14470", "CVE-2020-14422", "CVE-2018-14880", "CVE-2020-9925", "CVE-2020-15503", "CVE-2020-3897", "CVE-2019-8764", "CVE-2019-8823", "CVE-2020-13631", "CVE-2020-9895", "CVE-2019-5018", "CVE-2019-8846", "CVE-2020-14382", "CVE-2020-9802", "CVE-2020-3862", "CVE-2018-14882", "CVE-2019-8766", "CVE-2019-8720", "CVE-2020-3867", "CVE-2019-8813", "CVE-2020-3901", "CVE-2020-7595", "CVE-2020-13630", "CVE-2019-18197", "CVE-2020-1751", "CVE-2020-3900", "CVE-2018-14879", "CVE-2018-16451", "CVE-2020-9850", "CVE-2019-8811", "CVE-2019-20454", "CVE-2018-16227", "CVE-2019-20807", "CVE-2020-9807", "CVE-2018-14468", "CVE-2019-19956", "CVE-2020-1730", "CVE-2018-16228", "CVE-2019-8835", "CVE-2020-14040", "CVE-2019-8625", "CVE-2020-9893", "CVE-2020-9843", "CVE-2018-14461", "CVE-2019-18609", "CVE-2018-20843", "CVE-2019-15903", "CVE-2018-14462", "CVE-2020-9915", "CVE-2019-8783", "CVE-2018-16230", "CVE-2020-1752", "CVE-2018-14465", "CVE-2020-3894", "CVE-2019-13050", "CVE-2020-8492", "CVE-2019-8710", "CVE-2019-8812", "CVE-2019-15166", "CVE-2018-14464", "CVE-2020-3864", "CVE-2020-15586", "CVE-2018-14881", "CVE-2020-6405", "CVE-2019-8814", "CVE-2020-3868", "CVE-2020-8177", "CVE-2019-1551", "CVE-2019-11068"], "modified": "2020-12-17T10:36:03", "id": "RHSA-2020:5605", "href": "https://access.redhat.com/errata/RHSA-2020:5605", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:36:29", "description": "OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 2.6.0 images:\n\nRHEL-8-CNV-2.6\n==============\nkubevirt-cpu-node-labeller-container-v2.6.0-5\nkubevirt-cpu-model-nfd-plugin-container-v2.6.0-5\nnode-maintenance-operator-container-v2.6.0-13\nkubevirt-vmware-container-v2.6.0-5\nvirtio-win-container-v2.6.0-5\nkubevirt-kvm-info-nfd-plugin-container-v2.6.0-5\nbridge-marker-container-v2.6.0-9\nkubevirt-template-validator-container-v2.6.0-9\nkubevirt-v2v-conversion-container-v2.6.0-6\nkubemacpool-container-v2.6.0-13\nkubevirt-ssp-operator-container-v2.6.0-40\nhyperconverged-cluster-webhook-container-v2.6.0-73\nhyperconverged-cluster-operator-container-v2.6.0-73\novs-cni-plugin-container-v2.6.0-10\ncnv-containernetworking-plugins-container-v2.6.0-10\novs-cni-marker-container-v2.6.0-10\ncluster-network-addons-operator-container-v2.6.0-16\nhostpath-provisioner-container-v2.6.0-11\nhostpath-provisioner-operator-container-v2.6.0-14\nvm-import-virtv2v-container-v2.6.0-21\nkubernetes-nmstate-handler-container-v2.6.0-19\nvm-import-controller-container-v2.6.0-21\nvm-import-operator-container-v2.6.0-21\nvirt-api-container-v2.6.0-111\nvirt-controller-container-v2.6.0-111\nvirt-handler-container-v2.6.0-111\nvirt-operator-container-v2.6.0-111\nvirt-launcher-container-v2.6.0-111\ncnv-must-gather-container-v2.6.0-54\nvirt-cdi-importer-container-v2.6.0-24\nvirt-cdi-cloner-container-v2.6.0-24\nvirt-cdi-controller-container-v2.6.0-24\nvirt-cdi-uploadserver-container-v2.6.0-24\nvirt-cdi-apiserver-container-v2.6.0-24\nvirt-cdi-uploadproxy-container-v2.6.0-24\nvirt-cdi-operator-container-v2.6.0-24\nhco-bundle-registry-container-v2.6.0-582\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\n* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-10T13:47:39", "type": "redhat", "title": "(RHSA-2021:0799) Moderate: OpenShift Virtualization 2.6.0 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25684", "CVE-2020-12400", "CVE-2020-16845", "CVE-2019-16935", "CVE-2020-12403", "CVE-2019-19906", "CVE-2019-20907", "CVE-2021-20206", "CVE-2019-8815", "CVE-2020-3899", "CVE-2019-8844", "CVE-2020-10018", "CVE-2020-25705", "CVE-2019-14559", "CVE-2020-25687", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2019-8769", "CVE-2020-3902", "CVE-2018-10103", "CVE-2019-20388", "CVE-2019-8782", "CVE-2020-9803", "CVE-2019-20218", "CVE-2020-29652", "CVE-2019-8743", "CVE-2020-3885", "CVE-2019-13627", "CVE-2020-9862", "CVE-2020-26160", "CVE-2019-20387", "CVE-2020-25685", "CVE-2020-27813", "CVE-2020-15999", "CVE-2018-14467", "CVE-2019-8820", "CVE-2019-16168", "CVE-2020-25681", "CVE-2020-13632", "CVE-2020-9805", "CVE-2018-10105", "CVE-2020-3895", "CVE-2020-9894", "CVE-2019-17450", "CVE-2019-8808", "CVE-2020-9806", "CVE-2021-3156", "CVE-2019-8771", "CVE-2019-14889", "CVE-2020-25683", "CVE-2020-14391", "CVE-2018-16229", "CVE-2021-3121", "CVE-2019-8816", "CVE-2018-16452", "CVE-2019-20916", "CVE-2018-14466", "CVE-2020-11793", "CVE-2019-15165", "CVE-2019-19221", "CVE-2019-8819", "CVE-2020-9327", "CVE-2020-8624", "CVE-2020-3865", "CVE-2020-10029", "CVE-2018-14470", "CVE-2020-14422", "CVE-2018-14880", "CVE-2020-9925", "CVE-2020-15503", "CVE-2020-3897", "CVE-2019-8764", "CVE-2019-8823", "CVE-2020-13631", "CVE-2020-9895", "CVE-2019-5018", "CVE-2019-8846", "CVE-2020-14382", "CVE-2020-9802", "CVE-2020-3862", "CVE-2018-14882", "CVE-2020-1971", "CVE-2020-9283", "CVE-2019-8766", "CVE-2020-24659", "CVE-2019-8720", "CVE-2020-8622", "CVE-2020-3867", "CVE-2019-8813", "CVE-2020-8619", "CVE-2020-3901", "CVE-2020-7595", "CVE-2020-13630", "CVE-2020-8623", "CVE-2019-18197", "CVE-2020-1751", "CVE-2020-3900", "CVE-2018-14879", "CVE-2018-16451", "CVE-2020-9850", "CVE-2019-8811", "CVE-2019-20454", "CVE-2018-16227", "CVE-2020-25682", "CVE-2019-20807", "CVE-2020-9807", "CVE-2018-14468", "CVE-2019-19956", "CVE-2020-1730", "CVE-2018-16228", "CVE-2019-8835", "CVE-2020-14040", "CVE-2019-8625", "CVE-2020-9893", "CVE-2020-28362", "CVE-2020-9843", "CVE-2018-14461", "CVE-2018-20843", "CVE-2019-15903", "CVE-2020-14351", "CVE-2018-14462", "CVE-2020-9915", "CVE-2020-29661", "CVE-2019-8783", "CVE-2018-16230", "CVE-2020-1752", "CVE-2018-14465", "CVE-2020-3894", "CVE-2020-12321", "CVE-2020-6829", "CVE-2019-13050", "CVE-2020-8492", "CVE-2019-8710", "CVE-2019-8812", "CVE-2019-15166", "CVE-2018-14464", "CVE-2020-3864", "CVE-2020-25686", "CVE-2020-15586", "CVE-2018-14881", "CVE-2020-6405", "CVE-2019-8814", "CVE-2020-3868", "CVE-2019-11068"], "modified": "2021-03-10T13:48:38", "id": "RHSA-2021:0799", "href": "https://access.redhat.com/errata/RHSA-2021:0799", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:35:47", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.0. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2020:5634\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64\n\nThe image digest is sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-s390x\n\nThe image digest is sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le\n\nThe image digest is sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.\n\nSecurity Fix(es):\n\n* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)\n\n* kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider (CVE-2020-8563)\n\n* containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\n* heketi: gluster-block volume password details available in logs (CVE-2020-10763)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-02-24T19:49:26", "type": "redhat", "title": "(RHSA-2020:5633) Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14553", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-20843", "CVE-2019-11068", "CVE-2019-12614", "CVE-2019-13050", "CVE-2019-13225", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-15903", "CVE-2019-15917", "CVE-2019-15925", "CVE-2019-16167", "CVE-2019-16168", "CVE-2019-16231", "CVE-2019-16233", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-17546", "CVE-2019-18197", "CVE-2019-18808", "CVE-2019-18809", "CVE-2019-19046", "CVE-2019-19056", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19068", "CVE-2019-19072", "CVE-2019-19221", "CVE-2019-19319", "CVE-2019-19332", "CVE-2019-19447", "CVE-2019-19524", "CVE-2019-19533", "CVE-2019-19537", "CVE-2019-19543", "CVE-2019-19602", "CVE-2019-19767", "CVE-2019-19770", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20054", "CVE-2019-20218", "CVE-2019-20386", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20636", "CVE-2019-20807", "CVE-2019-20812", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-3884", "CVE-2019-5018", "CVE-2019-6977", "CVE-2019-6978", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2019-9455", "CVE-2019-9458", "CVE-2020-0305", "CVE-2020-0444", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-10732", "CVE-2020-10749", "CVE-2020-10751", "CVE-2020-10763", "CVE-2020-10773", "CVE-2020-10774", "CVE-2020-10942", "CVE-2020-11565", "CVE-2020-11668", "CVE-2020-11793", "CVE-2020-12465", "CVE-2020-12655", "CVE-2020-12659", "CVE-2020-12770", "CVE-2020-12826", "CVE-2020-13249", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14019", "CVE-2020-14040", "CVE-2020-14381", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15157", "CVE-2020-15503", "CVE-2020-15862", "CVE-2020-15999", "CVE-2020-16166", "CVE-2020-1716", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24490", "CVE-2020-24659", "CVE-2020-25211", "CVE-2020-25641", "CVE-2020-25658", "CVE-2020-25661", "CVE-2020-25662", "CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687", "CVE-2020-25694", "CVE-2020-25696", "CVE-2020-2574", "CVE-2020-26160", "CVE-2020-2752", "CVE-2020-27813", "CVE-2020-27846", "CVE-2020-28362", "CVE-2020-2922", "CVE-2020-29652", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3898", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-7774", "CVE-2020-8177", "CVE-2020-8492", "CVE-2020-8563", "CVE-2020-8566", "CVE-2020-8619", "CVE-2020-8622", "CVE-2020-8623", "CVE-2020-8624", "CVE-2020-8647", "CVE-2020-8648", "CVE-2020-8649", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2021-2007", "CVE-2021-26539", "CVE-2021-3121"], "modified": "2021-03-02T06:56:45", "id": "RHSA-2020:5633", "href": "https://access.redhat.com/errata/RHSA-2020:5633", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
