## Summary
IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security (CP4S).
## Vulnerability Details
**CVEID:** [CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>)
**DESCRIPTION:** GNOME libxml2 is vulnerable to a denial of service, caused by integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 5.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2022-23308](<https://vulners.com/cve/CVE-2022-23308>)
**DESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by a use-after-free in the ID and IDREF attributes. A remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/220772](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220772>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID:** [CVE-2021-36087](<https://vulners.com/cve/CVE-2021-36087>)
**DESCRIPTION:** SELinux Project SELinux is vulnerable to a denial of service, caused by a heap-based buffer over-read in ebitmap_match_any. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/204796](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204796>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-36086](<https://vulners.com/cve/CVE-2021-36086>)
**DESCRIPTION:** SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in cil_reset_classpermission. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/204795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204795>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-36085](<https://vulners.com/cve/CVE-2021-36085>)
**DESCRIPTION:** SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in `__cil_verify_classperms`. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/204794](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204794>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-36084](<https://vulners.com/cve/CVE-2021-36084>)
**DESCRIPTION:** SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in `__cil_verify_classperms`. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 6.2
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/204792](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204792>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2019-17595](<https://vulners.com/cve/CVE-2019-17595>)
**DESCRIPTION:** GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 3.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/168972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168972>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
**CVEID:** [CVE-2019-17594](<https://vulners.com/cve/CVE-2019-17594>)
**DESCRIPTION:** GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 3.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/168970](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168970>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
**CVEID:** [CVE-2021-20270](<https://vulners.com/cve/CVE-2021-20270>)
**DESCRIPTION:** Pygments is vulnerable to a denial of service, caused by an infinite loop in SMLLexer. By performing syntax highlighting of an SML source file, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/198758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198758>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-27291](<https://vulners.com/cve/CVE-2021-27291>)
**DESCRIPTION:** Pygments is vulnerable to a denial of service. By persuading a victim to open a specially-crafted ODIN file using the "<" character, a remote attacker could exploit this vulnerability to cause the application to process the file for an extended time.
CVSS Base score: 4.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/198308](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198308>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
**CVEID:** [CVE-2018-20673](<https://vulners.com/cve/CVE-2018-20673>)
**DESCRIPTION:** GNU Binutils is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the demangle_template function in cplus-dem.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 5.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/155168](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155168>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
**CVEID:** [CVE-2022-23457](<https://vulners.com/cve/CVE-2022-23457>)
**DESCRIPTION:** ESAPI could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)`. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass control-flow.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/225192](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225192>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** [CVE-2022-24891](<https://vulners.com/cve/CVE-2022-24891>)
**DESCRIPTION:** ESAPI is vulnerable to cross-site scripting, caused by an incorrect regular expression for onsiteURL in the antisamy-esapi.xml configuration file. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Base score: 6.1
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/225344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225344>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
**CVEID:** [CVE-2020-13435](<https://vulners.com/cve/CVE-2020-13435>)
**DESCRIPTION:** SQLite is vulnerable to a denial of service, caused by a flaw in the sqlite3ExprCodeTarget function in expr.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a segmentation fault.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/182406](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182406>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2019-19603](<https://vulners.com/cve/CVE-2019-19603>)
**DESCRIPTION:** An error during handling of CREATE TABLE and CREATE VIEW statements in SQLite has an unknown impact via a specially crafted table name.
CVSS Base score: 7.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/172765](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172765>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
**CVEID:** [CVE-2019-5827](<https://vulners.com/cve/CVE-2019-5827>)
**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds access in SQLite. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVSS Base score: 6.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/160450](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160450>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
**CVEID:** [CVE-2019-13751](<https://vulners.com/cve/CVE-2019-13751>)
**DESCRIPTION:** Google Chrome could allow a remote attacker to obtain sensitive information, caused by uninitialized use in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information from process memory.
CVSS Base score: 4.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/172987](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172987>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N)
**CVEID:** [CVE-2019-13750](<https://vulners.com/cve/CVE-2019-13750>)
**DESCRIPTION:** Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass defense-in-depth measures.
CVSS Base score: 4.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/172986](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172986>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N)
**CVEID:** [CVE-2022-36083](<https://vulners.com/cve/CVE-2022-36083>)
**DESCRIPTION:** Node.js jose module is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using the p2c JOSE Header Parameter, a remote attacker could exploit this vulnerability to consume an unreasonable amount of CPU time, resulting in a denial of service condition.
CVSS Base score: 5.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/235579](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235579>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID:** [CVE-2022-23219](<https://vulners.com/cve/CVE-2022-23219>)
**DESCRIPTION:** GNU C Library (aka glibc) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the clnt_create function in the sunrpc module. By sending a specially-crafted hostname argument, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217303>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** [CVE-2022-23218](<https://vulners.com/cve/CVE-2022-23218>)
**DESCRIPTION:** GNU C Library (aka glibc) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the svcunix_create function in the sunrpc module. By sending a specially-crafted path argument, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217302>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** [CVE-2021-3999](<https://vulners.com/cve/CVE-2021-3999>)
**DESCRIPTION:** GNU glibc is vulnerable to an off-by-one buffer overflow and underflow, caused by improper bounds checking by the getcwd() function. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system.
CVSS Base score: 8.4
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217981](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217981>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** [CVE-2021-35942](<https://vulners.com/cve/CVE-2021-35942>)
**DESCRIPTION:** GNU C Library (aka glibc) could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted, crafted pattern in the wordexp function. By sending a specially-crafted request, an attacker could exploit this vulnerability to read arbitrary memory in parse_param (in posix/wordexp.c), or cause the application to crash.
CVSS Base score: 7.7
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/206317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206317>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H)
**CVEID:** [CVE-2021-33574](<https://vulners.com/cve/CVE-2021-33574>)
**DESCRIPTION:** GNU C Library (aka glibc) is vulnerable to a denial of service, caused by a use-after-free flaw in the mq_notify function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 5.9
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/202550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202550>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-27645](<https://vulners.com/cve/CVE-2021-27645>)
**DESCRIPTION:** GNU glibc is vulnerable to a denial of service, caused by a double-free in the nameserver caching daemon (nscd). By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 4
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/197417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197417>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID:** [CVE-2018-25032](<https://vulners.com/cve/CVE-2018-25032>)
**DESCRIPTION:** Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many distant matches, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/222615](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222615>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-23177](<https://vulners.com/cve/CVE-2021-23177>)
**DESCRIPTION:** libarchive could allow a local attacker to gain elevated privileges on the system, caused by an improper link resolution flaw. By using a specially-crafted archive file, an attacker could exploit this vulnerability to change the ACL of a file on the system and gain elevated privileges.
CVSS Base score: 6.6
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/222216](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222216>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L)
**CVEID:** [CVE-2021-31566](<https://vulners.com/cve/CVE-2021-31566>)
**DESCRIPTION:** libarchive could allow a local attacker to gain elevated privileges on the system, caused by an improper link resolution flaw. By using a specially-crafted archive file, an attacker could exploit this vulnerability to change modes, times, access control lists, and flags of a file on the system to gain elevated privileges.
CVSS Base score: 4.4
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/222218](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222218>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L)
**CVEID:** [CVE-2022-25878](<https://vulners.com/cve/CVE-2022-25878>)
**DESCRIPTION:** Node.js protobufjs module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or modifying properties of Object.prototype using a `__proto__` or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 8.2
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/227327](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227327>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L)
**CVEID:** [CVE-2020-12762](<https://vulners.com/cve/CVE-2020-12762>)
**DESCRIPTION:** json-c could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow and out-of-bounds write. By persuading a victim to run a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/182094](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182094>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
**CVEID:** [CVE-2021-4122](<https://vulners.com/cve/CVE-2021-4122>)
**DESCRIPTION:** Cryptsetup could allow a physical attacker to obtain sensitive information, caused by a flaw in LUKS2 online reencryption, which is an optional extension. By modifying on-disk metadata to simulate decryption in progress with a crashed (unfinished) reencryption step, an attacker could exploit this vulnerability to decrypt part of the LUKS device to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.9
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/217238](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217238>) for the current score.
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N)
**CVEID:** [CVE-2021-40528](<https://vulners.com/cve/CVE-2021-40528>)
**DESCRIPTION:** GnuPG Libgcrypt could allow a remote attacker to bypass security restrictions, caused by a flaw in the ElGamal implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a cross-configuration attack against OpenPGP.
CVSS Base score: 5.9
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/208744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208744>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
**CVEID:** [CVE-2021-33560](<https://vulners.com/cve/CVE-2021-33560>)
**DESCRIPTION:** GnuPG Libgcrypt could allow a remote attacker to obtain sensitive information, caused by improper handling of ElGamal encryption. By using side-channel attack techniques against mpi_powm, and the window size, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVSS Base score: 5.9
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/203266](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203266>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
**CVEID:** [CVE-2022-37616](<https://vulners.com/cve/CVE-2022-37616>)
**DESCRIPTION:** xmldom could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the dom.js script. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/238439](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238439>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** [CVE-2021-28153](<https://vulners.com/cve/CVE-2021-28153>)
**DESCRIPTION:** GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when the g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink. By persuading a victim to open a specially-crafted ZIP archive, an attacker could exploit this vulnerability to overwrite arbitrary files on the system.
CVSS Base score: 5.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/198147](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198147>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
**CVEID:** [CVE-2021-3800](<https://vulners.com/cve/CVE-2021-3800>)
**DESCRIPTION:** GNOME GLib could allow a local attacker to obtain sensitive information, caused by a random charset alias issue. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain content from files owned by privileged users, and use this information to launch further attacks against the affected system.
CVSS Base score: 4.7
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/213409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213409>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N)
**CVEID:** [CVE-2021-3572](<https://vulners.com/cve/CVE-2021-3572>)
**DESCRIPTION:** The pip package for Python could allow a remote authenticated attacker to bypass security restrictions, caused by the improper handling of Unicode separators in git references. By creating a specially crafted tag, an attacker could exploit this vulnerability to install a different revision on a repository.
CVSS Base score: 4.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/208954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208954>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N)
**CVEID:** [CVE-2021-42771](<https://vulners.com/cve/CVE-2021-42771>)
**DESCRIPTION:** Python-Babel Babel could allow a local authenticated attacker to traverse directories on the system, caused by a flaw in the Babel.Locale function. An attacker could load a specially-crafted .dat file containing "dot dot" sequences (/../) to execute arbitrary code on the system.
CVSS Base score: 7.8
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/211766](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211766>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
**CVEID:** [CVE-2019-20838](<https://vulners.com/cve/CVE-2019-20838>)
**DESCRIPTION:** PCRE is vulnerable to a denial of service, caused by a buffer over-read in JIT. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/185645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185645>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2020-14155](<https://vulners.com/cve/CVE-2020-14155>)
**DESCRIPTION:** PCRE could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in libpcre. By sending a request with a large number, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 7.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/183499](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183499>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
**CVEID:** [CVE-2020-28493](<https://vulners.com/cve/CVE-2020-28493>)
**DESCRIPTION:** Pallets jinja2 is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the email regex. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/195894](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195894>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-3200](<https://vulners.com/cve/CVE-2021-3200>)
**DESCRIPTION:** Libsolv is vulnerable to a denial of service, caused by a buffer overflow in the testcase_read function. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and cause the application to crash.
CVSS Base score: 3.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/203837](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203837>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
**CVEID:** [CVE-2021-25214](<https://vulners.com/cve/CVE-2021-25214>)
**DESCRIPTION:** ISC BIND is vulnerable to a denial of service, caused by a broken inbound incremental zone update (IXFR). By sending a specially crafted IXFR, an attacker could exploit this vulnerability to trigger a failed assertion check and terminate the named process.
CVSS Base score: 6.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/200961](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200961>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-25219](<https://vulners.com/cve/CVE-2021-25219>)
**DESCRIPTION:** ISC BIND is vulnerable to a denial of service, caused by a flaw in response processing. By abusing a lame cache, an attacker could exploit this vulnerability to cause a named resolver to spend most of its CPU time on managing and checking the lame cache and severely degrade resolver performance.
CVSS Base score: 5.3
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/212375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212375>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
**CVEID:** [CVE-2020-36049](<https://vulners.com/cve/CVE-2020-36049>)
**DESCRIPTION:** Socket.IO socket.io-parser is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause memory consumption, resulting in a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/194533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194533>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-29446](<https://vulners.com/cve/CVE-2021-29446>)
**DESCRIPTION:** jose-node-cjs-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/200209](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200209>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
**CVEID:** [CVE-2021-29445](<https://vulners.com/cve/CVE-2021-29445>)
**DESCRIPTION:** jose-node-esm-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/200210](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200210>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
**CVEID:** [CVE-2021-29444](<https://vulners.com/cve/CVE-2021-29444>)
**DESCRIPTION:** jose-browser-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base score: 5.9
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/200211](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200211>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
**CVEID:** [CVE-2022-0778](<https://vulners.com/cve/CVE-2022-0778>)
**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a flaw in the BN_mod_sqrt() function when parsing certificates. By using a specially-crafted certificate with invalid explicit curve parameters, a remote attacker could exploit this vulnerability to cause an infinite loop, resulting in a denial of service condition.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/221911](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221911>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-23841](<https://vulners.com/cve/CVE-2021-23841>)
**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in the X509_issuer_and_serial_hash() function. By parsing the issuer field, an attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/196847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196847>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
**CVEID:** [CVE-2021-23840](<https://vulners.com/cve/CVE-2021-23840>)
**DESCRIPTION:** OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/196848](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196848>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
** CVEID: **[CVE-2021-3712](<https://vulners.com/cve/CVE-2021-3712>)
** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this vulnerability to read contents of memory on the system or perform a denial of service attack.
CVSS Base score: 6.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208073>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L)
** CVEID: **[CVE-2021-3445](<https://vulners.com/cve/CVE-2021-3445>)
** DESCRIPTION: **libdnf could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in signature verification functionality. By placing a signature in the main header, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 6.4
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203146](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203146>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)
** CVEID: **[CVE-2020-24370](<https://vulners.com/cve/CVE-2020-24370>)
** DESCRIPTION: **Lua is vulnerable to a denial of service, caused by a negation overflow and segmentation fault in getlocal and setlocal. A remote attacker could exploit this vulnerability to cause a denial of service.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186868](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186868>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
** CVEID: **[CVE-2020-16135](<https://vulners.com/cve/CVE-2020-16135>)
** DESCRIPTION: **Libssh is vulnerable to a denial of service, caused by a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. A remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186148](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186148>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
** CVEID: **[CVE-2021-3634](<https://vulners.com/cve/CVE-2021-3634>)
** DESCRIPTION: **libssh is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CVSS Base score: 5.4
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208281](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208281>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L)
** CVEID: **[CVE-2021-32677](<https://vulners.com/cve/CVE-2021-32677>)
** DESCRIPTION: **FastAPI is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a specially crafted Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
CVSS Base score: 5.3
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203856>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N)
** CVEID: **[CVE-2022-25893](<https://vulners.com/cve/CVE-2022-25893>)
** DESCRIPTION: **Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the WeakMap.prototype.set method. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CVSS Base score: 9.8
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/243455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/243455>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
** CVEID: **[CVE-2022-36067](<https://vulners.com/cve/CVE-2022-36067>)
** DESCRIPTION: **Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a sandbox protections bypass flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base score: 10
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235472](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235472>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
** CVEID: **[CVE-2021-3521](<https://vulners.com/cve/CVE-2021-3521>)
** DESCRIPTION: **RPM Project RPM could allow a remote attacker to bypass security restrictions, caused by improper validation of the binding signature of subkeys prior to importing them. By persuading a victim to add a specially-crafted subkey to a legitimate public key, an attacker could exploit this vulnerability to cause the victim to trust a malicious signature.
CVSS Base score: 4.4
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213411](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213411>) for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N)
** CVEID: **[CVE-2021-20266](<https://vulners.com/cve/CVE-2021-20266>)
** DESCRIPTION: **RPM Project RPM is vulnerable to a denial of service, caused by an out-of-bounds read flaw in the hdrblobInit function in lib/header.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base score: 3.1
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201041](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201041>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L)
** CVEID: **[CVE-2020-13950](<https://vulners.com/cve/CVE-2020-13950>)
** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending specially crafted requests using both Content-Length and Transfer-Encoding headers, a remote attacker could exploit this vulnerability to crash mod_proxy_http.
CVSS Base score: 3.7
CVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203462>) for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
## Affected Products and Versions
Affected Product(s)| Version(s)
---|---
Cloud Pak for Security (CP4S)| 1.10.0.0 - 1.10.6.0
## Remediation/Fixes
IBM encourages customers to update their systems promptly.
Please upgrade to at least CP4S 1.10.7.0 following these instructions: <https://www.ibm.com/docs/en/cloud-paks/cp-security/1.10?topic=installing-upgrading-cloud-pak-security>
## Workarounds and Mitigations
None
\nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200961](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200961>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-25219](<https://vulners.com/cve/CVE-2021-25219>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by a flaw in response processing. By abusing a lame cache, an attacker could exploit this vulnerability to cause a named resolver to spend most of its CPU time on managing and checking the lame cache and severely degrade resolver performance. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212375>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-36049](<https://vulners.com/cve/CVE-2020-36049>) \n** DESCRIPTION: **Socket.IO socket.io-parser is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause a memory consumption, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29446](<https://vulners.com/cve/CVE-2021-29446>) \n** DESCRIPTION: **jose-node-cjs-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. 
\nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200209](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200209>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-29445](<https://vulners.com/cve/CVE-2021-29445>) \n** DESCRIPTION: **jose-node-esm-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200210](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200210>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-29444](<https://vulners.com/cve/CVE-2021-29444>) \n** DESCRIPTION: **jose-browser-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200211](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200211>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-0778](<https://vulners.com/cve/CVE-2022-0778>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a flaw in the BN_mod_sqrt() function when parsing certificates. By using a specially-crafted certificate with invalid explicit curve parameters, a remote attacker could exploit this vulnerability to cause an infinite loop, and results in a denial of service condition. 
\nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221911](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221911>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23841](<https://vulners.com/cve/CVE-2021-23841>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in the X509_issuer_and_serial_hash() function. By parsing the issuer field, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196847>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23840](<https://vulners.com/cve/CVE-2021-23840>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196848](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196848>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3712](<https://vulners.com/cve/CVE-2021-3712>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this vulnerability to read contents of memory on the system or perform a denial of service attack. 
\nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-3445](<https://vulners.com/cve/CVE-2021-3445>) \n** DESCRIPTION: **libdnf could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in signature verification functionality. By placing a signature in the main header, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203146](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203146>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24370](<https://vulners.com/cve/CVE-2020-24370>) \n** DESCRIPTION: **Lua is vulnerable to a denial of service, caused by a negation overflow and segmentation fault in getlocal and setlocal. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186868](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186868>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-16135](<https://vulners.com/cve/CVE-2020-16135>) \n** DESCRIPTION: **Libssh is vulnerable to a denial of service, caused by a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186148](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186148>) for the current score. 
\nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3634](<https://vulners.com/cve/CVE-2021-3634>) \n** DESCRIPTION: **libssh is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208281](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208281>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-32677](<https://vulners.com/cve/CVE-2021-32677>) \n** DESCRIPTION: **FastAPI is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a specially crafted Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203856>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-25893](<https://vulners.com/cve/CVE-2022-25893>) \n** DESCRIPTION: **Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the WeakMap.prototype.set method. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. 
\nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/243455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/243455>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-36067](<https://vulners.com/cve/CVE-2022-36067>) \n** DESCRIPTION: **Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a sandbox protections bypass flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 10 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235472](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235472>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3521](<https://vulners.com/cve/CVE-2021-3521>) \n** DESCRIPTION: **RPM Project RPM could allow a remote attacker to bypass security restrictions, caused by improper validation the binding signature of subkeys prior to importing them. By persuading a victim to add a specially-crafted subkey to a legitimate public key, an attacker could exploit this vulnerability cause the victim to trust a malicious signature. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213411](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213411>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-20266](<https://vulners.com/cve/CVE-2021-20266>) \n** DESCRIPTION: **RPM Project RPM is vulnerable to a denial of service, caused by an out-of-bounds read flaw in the hdrblobInit function in lib/header.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. 
\nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201041](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201041>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13950](<https://vulners.com/cve/CVE-2020-13950>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending specially crafted requests using both Content-Length and Transfer-Encoding headers, a remote attacker could exploit this vulnerability to crash mod_proxy_http. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCloud Pak for Security (CP4S)| 1.10.0.0 - 1.10.6.0 \n \n \n\n\n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. 
\n\nPlease upgrade to at least CP4S 1.10.7.0 following these instructions: <https://www.ibm.com/docs/en/cloud-paks/cp-security/1.10?topic=installing-upgrading-cloud-pak-security>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "published": "2023-01-19T13:54:16", "modified": "2023-01-19T13:54:16", "epss": [{"cve": "CVE-2018-20673", "epss": 0.00064, "percentile": 0.26183, "modified": "2023-06-23"}, {"cve": "CVE-2018-25032", "epss": 0.0018, "percentile": 0.54038, "modified": "2023-06-23"}, {"cve": "CVE-2019-13750", "epss": 0.00355, "percentile": 0.67984, "modified": "2023-06-13"}, {"cve": "CVE-2019-13751", "epss": 0.00597, "percentile": 0.75334, "modified": "2023-06-13"}, {"cve": "CVE-2019-17594", "epss": 0.00055, "percentile": 0.20661, "modified": "2023-06-13"}, {"cve": "CVE-2019-17595", "epss": 0.00151, "percentile": 0.50175, "modified": "2023-06-13"}, {"cve": "CVE-2019-19603", "epss": 0.00212, "percentile": 0.57812, "modified": "2023-06-13"}, {"cve": "CVE-2019-20838", "epss": 0.00744, "percentile": 0.78273, "modified": "2023-06-13"}, {"cve": "CVE-2019-5827", "epss": 0.00448, "percentile": 0.71422, "modified": "2023-06-13"}, {"cve": "CVE-2020-12762", "epss": 0.0008, "percentile": 0.33183, "modified": "2023-06-23"}, {"cve": "CVE-2020-13435", "epss": 0.00106, "percentile": 0.41868, "modified": "2023-06-06"}, {"cve": "CVE-2020-13950", "epss": 0.01192, "percentile": 0.83143, "modified": "2023-06-06"}, {"cve": "CVE-2020-14155", "epss": 0.00462, "percentile": 0.71817, "modified": "2023-06-06"}, {"cve": "CVE-2020-16135", "epss": 0.00668, "percentile": 0.76834, "modified": "2023-06-06"}, {"cve": "CVE-2020-24370", "epss": 0.00272, "percentile": 0.63326, "modified": "2023-06-23"}, {"cve": "CVE-2020-28493", "epss": 0.00151, "percentile": 0.50096, "modified": "2023-06-06"}, {"cve": "CVE-2020-36049", "epss": 0.00182, "percentile": 0.54209, "modified": "2023-06-06"}, {"cve": "CVE-2021-20266", "epss": 0.00109, "percentile": 0.42533, "modified": "2023-05-27"}, {"cve": 
Source: <https://www.ibm.com/support/pages/node/6856409>
Reporter: IBM
["DEBIANCVE:CVE-2018-20673", "DEBIANCVE:CVE-2018-25032", "DEBIANCVE:CVE-2019-13750", "DEBIANCVE:CVE-2019-13751", "DEBIANCVE:CVE-2019-17594", "DEBIANCVE:CVE-2019-17595", "DEBIANCVE:CVE-2019-19603", "DEBIANCVE:CVE-2019-20838", "DEBIANCVE:CVE-2019-5827", "DEBIANCVE:CVE-2020-12762", "DEBIANCVE:CVE-2020-13435", "DEBIANCVE:CVE-2020-13950", "DEBIANCVE:CVE-2020-14155", "DEBIANCVE:CVE-2020-16135", "DEBIANCVE:CVE-2020-24370", "DEBIANCVE:CVE-2020-28493", "DEBIANCVE:CVE-2020-36049", "DEBIANCVE:CVE-2021-20266", "DEBIANCVE:CVE-2021-20270", "DEBIANCVE:CVE-2021-23177", "DEBIANCVE:CVE-2021-23840", "DEBIANCVE:CVE-2021-23841", "DEBIANCVE:CVE-2021-25214", "DEBIANCVE:CVE-2021-25219", "DEBIANCVE:CVE-2021-27291", "DEBIANCVE:CVE-2021-27645", "DEBIANCVE:CVE-2021-28153", "DEBIANCVE:CVE-2021-31566", "DEBIANCVE:CVE-2021-3200", "DEBIANCVE:CVE-2021-32677", "DEBIANCVE:CVE-2021-33560", "DEBIANCVE:CVE-2021-33574", "DEBIANCVE:CVE-2021-3445", "DEBIANCVE:CVE-2021-3521", "DEBIANCVE:CVE-2021-3572", "DEBIANCVE:CVE-2021-35942", "DEBIANCVE:CVE-2021-36084", "DEBIANCVE:CVE-2021-36085", "DEBIANCVE:CVE-2021-36086", "DEBIANCVE:CVE-2021-36087", "DEBIANCVE:CVE-2021-3634", "DEBIANCVE:CVE-2021-3712", "DEBIANCVE:CVE-2021-3800", "DEBIANCVE:CVE-2021-38604", "DEBIANCVE:CVE-2021-3999", "DEBIANCVE:CVE-2021-40528", "DEBIANCVE:CVE-2021-4122", "DEBIANCVE:CVE-2021-42771", "DEBIANCVE:CVE-2022-0778", "DEBIANCVE:CVE-2022-23218", "DEBIANCVE:CVE-2022-23219", "DEBIANCVE:CVE-2022-23308", "DEBIANCVE:CVE-2022-23457", "DEBIANCVE:CVE-2022-24891", "DEBIANCVE:CVE-2022-29824", "DEBIANCVE:CVE-2022-36083", "DEBIANCVE:CVE-2022-37616"]}, {"type": "f5", "idList": ["F5:K02219239", "F5:K11426315", "F5:K19559038", "F5:K21548854", "F5:K24207649", "F5:K24624116", "F5:K31323265", "F5:K32760744", "F5:K43700555", "F5:K50343021", "F5:K52308021", "F5:K77326807", "F5:K87323016"]}, {"type": "fedora", "idList": ["FEDORA:07A103138D99", "FEDORA:07CA53027C9F", "FEDORA:0984A3096E68", "FEDORA:09DA530946F5", "FEDORA:0BA8230F3B81", "FEDORA:0FA6430AF85A", 
"FEDORA:129E530B067D", "FEDORA:20B1830A0724", "FEDORA:21C1032184D7", "FEDORA:2223F3052746", "FEDORA:24541309E0C8", "FEDORA:2562F30B0994", "FEDORA:2873C310660B", "FEDORA:2FB16636512C", "FEDORA:3170130861DE", "FEDORA:33F5F3096E54", "FEDORA:3F9753052E9C", "FEDORA:40F4C30A9F42", "FEDORA:4ED1D30964A5", "FEDORA:4EE8E309D3ED", "FEDORA:51E773072E1C", "FEDORA:55B76304C3CC", "FEDORA:5697830B6819", "FEDORA:57D6C304C758", "FEDORA:58B4460D22EC", "FEDORA:58EA560560A9", "FEDORA:61ACF309F4BF", "FEDORA:62E10307F96A", "FEDORA:6E91660E154C", "FEDORA:70256616B2FD", "FEDORA:71126318CADE", "FEDORA:74548307F429", "FEDORA:764143099EED", "FEDORA:788A330861DE", "FEDORA:81628313BD04", "FEDORA:841B6304C3CD", "FEDORA:8CF5D3094DED", "FEDORA:90A7630A2C09", "FEDORA:9276A604C5FD", "FEDORA:9471A606D8C2", "FEDORA:97A66309CD91", "FEDORA:9A9A730B7020", "FEDORA:9FB8F310F2E1", "FEDORA:A0EF6613BB10", "FEDORA:A5ED9306AB54", "FEDORA:AA920305E2ED", "FEDORA:B050060758B6", "FEDORA:B0E00301FECB", "FEDORA:B4277665BA1C", "FEDORA:B5C2330A707B", "FEDORA:B95F63083D20", "FEDORA:BAA7630BAE70", "FEDORA:C3ED760C452F", "FEDORA:C5FD46089669", "FEDORA:C7E413533E64", "FEDORA:C920E30AF07E", "FEDORA:CEB7630CA021", "FEDORA:D1BE0309E3C6", "FEDORA:D25E2304CBB0", "FEDORA:D2D5630BDAB4", "FEDORA:D303630E6E8E", "FEDORA:DA89631A6294", "FEDORA:E526F603B29C", "FEDORA:E5FD830AAF2E", "FEDORA:E9704310F2E3", "FEDORA:EB3AF3096E5D", "FEDORA:EC4793072624", "FEDORA:ECBFB316C4D4", "FEDORA:EDA6C30E501D", "FEDORA:F0DF83075DC8"]}, {"type": "fortinet", "idList": ["FG-IR-21-116", "FG-IR-22-059"]}, {"type": "freebsd", "idList": ["0A305431-BC98-11EA-A051-001B217B3468", "0C52ABDE-717B-11ED-98CA-40B034429ECF", "2F3CD69E-7DEE-11EB-B92E-0022489AD614", "36D10AF7-248D-11ED-856E-D4C9EF517024", "38F2E3A0-B61E-11EC-9EBC-1C697AA5A594", "56BA4513-A1BE-11EB-9072-D4C9EF517024", "57B1EE25-1A7C-11EC-9376-0800272221CC", "7262F826-795E-11EC-8BE6-D4C9EF517024", "8E150606-08C9-11ED-856E-D4C9EF517024", "96811D4A-04EC-11EC-9B84-D4C9EF517024", 
"96A21236-707B-11EB-96D8-D4C9EF517024", "ABC3EF37-95D4-11EA-9004-25FADB81ABF4", "ADD683BE-BD76-11EC-A06F-D4C9EF517024", "C4AC9C79-AB37-11EA-8B5E-B42E99A1B9C3", "CCE76ECA-CA16-11EB-9B84-D4C9EF517024", "EA05C456-A4FD-11EC-90DE-1C697AA5A594"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-20:22.SQLITE", "FREEBSD_ADVISORY:FREEBSD-SA-21:16.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-21:17.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-22:03.OPENSSL", "FREEBSD_ADVISORY:FREEBSD-SA-22:08.ZLIB"]}, {"type": "gentoo", "idList": ["GLSA-202003-08", "GLSA-202003-16", "GLSA-202006-13", "GLSA-202007-26", "GLSA-202011-05", "GLSA-202101-28", "GLSA-202103-03", "GLSA-202107-07", "GLSA-202107-13", "GLSA-202107-19", "GLSA-202107-38", "GLSA-202107-43", "GLSA-202208-24", "GLSA-202208-26", "GLSA-202209-02", "GLSA-202210-02", "GLSA-202210-03", "GLSA-202210-13", "GLSA-202210-22", "GLSA-202210-25", "GLSA-202210-42"]}, {"type": "github", "idList": ["GHSA-4V4G-726H-XVFV", "GHSA-4W2J-2RG4-5MJW", "GHSA-5XP3-JFQ3-5Q8X", "GHSA-84RM-QF37-FGC2", "GHSA-8H2J-CGX8-6XV7", "GHSA-8M5H-HRQM-PXM2", "GHSA-94HH-PJJG-RWMR", "GHSA-9654-PR4F-GH6M", "GHSA-9PGH-QQPF-7WQJ", "GHSA-9W8R-397F-PRFH", "GHSA-C28R-HW5M-5GV3", "GHSA-CGX6-HPWQ-FHV5", "GHSA-CQCC-MM6X-VMVW", "GHSA-FQ42-C5RG-92C2", "GHSA-G3RQ-G295-4J3M", "GHSA-G954-5HWP-PP24", "GHSA-H4M5-QPFP-3MPV", "GHSA-JV3G-J58F-9MQ9", "GHSA-MRGP-MRHC-5JRQ", "GHSA-PQ64-V7F5-GQH8", "GHSA-Q77Q-VX4Q-XX6Q", "GHSA-Q9WJ-F4QW-6VFJ", "GHSA-QGM6-9472-PWQ7", "GHSA-RVCW-F68W-8H8H", "GHSA-V6GP-9MMM-C6P5", "GHSA-X3MH-JVJW-3XWX", "GHSA-XFHH-G9F5-X4M4"]}, {"type": "githubexploit", "idList": ["0B1484CA-22A0-50C8-9FDE-1E07AD2BBF96", "0C866B2A-86E3-5C5A-AA62-622683A9A0DA", "16650431-C299-5364-93DB-374F16302DDF", "1713E8B5-FB61-5B95-8337-AC6691ECF711", "215EF040-369B-5FBF-A9F5-F81833E29553", "2DA0FD9C-9E20-5C51-A357-EB46391407F7", "4E834790-A0F9-5830-88FE-F520B8FE3CBB", "588C33E5-7CDF-5EC7-9294-74B308DC6535", "5BCFB44C-A4FD-5890-AE9A-A60CC135A2F1", 
"B0D935D0-63C8-5C5E-94CD-4B434F315B0B", "CB4B727A-DC5A-5BD9-84C9-782301F87004"]}, {"type": "gitlab", "idList": ["GITLAB-2B9F06DA84CB3AA272E072E600CA944E", "GITLAB-EF4FF952BF1FB5F91CAC48BBC409A535", "GITLAB-F5BF307B68975767D28FF3F1745F990C"]}, {"type": "hackerone", "idList": ["H1:1113025", "H1:1429694"]}, {"type": "hivepro", "idList": ["HIVEPRO:9C6CEB2A89436A8E8258183E6D6830FB", "HIVEPRO:B772F2F7B4C9AE8452D1197E2E240204"]}, {"type": "httpd", "idList": ["HTTPD:CD723D45902C2E914960ED617BF64BD6"]}, {"type": "ibm", "idList": ["004D4A46545DE65BF1BF4C6653130DD7726B41D25BF8C1E412D9873D6E6DB314", "008FFF63F2AF6AE8CB05606C3ECA8B2CF02B15FE8C07206A1D45A192A1D8A9A1", "022A2D60DD1C4A293CF52F8F73A53B3FC2E53AEC5EA7FFEDF9C4763EF2B5B80A", "023AF7CE811F35CB9EA5BD22171F66AA17D83D1B9FF44FF925D320814BAE40E2", "0319E4F01D8C2BB1E1D9CA642942762AB6D0486EE87445E505B6585BF79E6E34", "03D00591019CE34D0FD78640476E184E6CD4E23765A0C7A13539B6B78161E1A6", "0402EC8AB4EAC3CD4AE3D765E8C24F6683BD7CA1335A81B6D3B0950A4801A470", "045B3221FB3BBC39DD70A158CACD0ACC0885A17A6B16F3CCA24E243D79A3DFB4", "05C711ADE626E71EEF208B57EB92611FB65BACFAC2E002E5DCF15BB16E425278", "05FFA3C248EDB6D7EE11C5609FAB04F6122B05C3258CA58F9DD92166278EE9D8", "0640B969009F4949540096B6BCAB401C92F393BD37C329262A55A3CC03A3A43A", "065AF80DF1FB1E870F5908DC38172751D9481D694659FA8513D12ACB3FAEC824", "091D253C3C5F4EDDB1A7482046BA793909C45D2702BF1CCF8D674C8DF0ACEA59", "0A2CC076E697047BEB801920E37078BA16894DE0A4DAB7A64E209E04A52ED4A7", "0C4B79BFF88AACC358B813B5EBF57229B26D0400A39D0FA7687D92FEE890BC8B", "0D1E5BC462EDE366FDBF6EBBD61DABE937E26D4A64AE5DCE2B72624D90E14FDE", "0D85E5287523B83245752DC2E09287130E098DCDD6446DA2E1DF6BC26D74E767", "0E52D1672D07EE18EAA03609925823099E77BFBCBCA0962EA3C956E7DF6379E1", "102DE7B07E2C763A08E3117F8BAFADC95832E666C453110C7D4275D703394EF5", "1216774B4B480E63593138D0C860C1CA0FB3986D15865CFCD045F9398622171E", "121DC798369C78477632D85108287366F8EBD95F4446B39AFA86B5A9913FF44E", 
"12CE8FF345E0DE87F32929BC10524C6FAAF1E389A3A8BD632A0FCE3BDA94A71C", "133379EBF1506E0E356F58A2F882A938C12C601959C068582635E9DC9E997C82", "14108283F9157C4F2A38313CFBD3F47CFDC207CBE84809E04B7E197DA546B8D3", "147A8F494121D31116661E9EDEBD30F60B7D11D71939DEBC18A14DC44EE48B82", "14B3F9EB98A8E27CF7244597E68B5F0E86C34BCDEFBA986C2D600145A4C5CCFB", "161E93A17C210873A930616B7AA642E8DECB548C126F51ACBF476947F04F5F46", "169242E6888352607848258E8D12AEA0F5C908A1E0757CD20B9751B8AE121BAC", "1841E92577ACD6AADDBB49C1995A398D151CBC9679F1BA2B9C77425F2E40A55C", "18DD82726ED611CE07A6FE2592344159C821D9BD564B6D65D1831A37C7550D6F", "195918D2F5091119FF3B0CC5A9585BC7AC11F2FEC79E28813AEF279874757FC8", "19E6F6BF59A10C956F5C8D810D4B516674147E88F5FC3EC5B22031456700CB08", "1A35248CBBA17AE981ED0B52B133E7CA1678042C1A9C93C2EC8BED2EF8994420", "1A4A0FAB6D751A7711F422DB650551ABAC416BB4CB9C7C4D6BED8778218B5D1B", "1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "1BD589A2EFA871129365AA28211FAACF45DF2612E504EA283F22F4A22491789B", "1CC73BCA2715A24B5B151F09467A8D56D9B69AF516506F82AAA8779D2A0D9D37", "1D375703477B8434B33880D4C2BC54C4F52207A530C550AD113F53DC33F805E9", "1E239D8C4813C8FA705CBB86F01F323B29B73D1086FDF65021C9CB4B0146A272", "1F6D85E6E7B1A994AD8F1E3D1E2C7EB0306D405EDF2AE06A58DF0249ADC65DC3", "20253899F502FDF9B48857A95C7DD8AE785940A7D1A6A2E66760804009268FA3", "20763F2B27C66C722124CBB23FF4ECBE76431735E0AC6E1F94E8999CB3A2CB25", "20A5B4AF60B52576A2246BE431A6427FACC29A7CADB4DC7C1C2466965B022037", "210E846B804F49660D8B31302CE4B40ED51AFCA74132908CA88497EFC59F683D", "211CD9F1ACF38809CC4473AEB8D5CFC5AEDD6F6E475C5EC5DC18B3B624F8BF48", "232FD4AA42C52444351DF42BA0B5D2E7BE80BB3612CF91DB3EA4AA2D1B38DA0D", "24BD16DFE4A0066D365799584A12F1287B386A11F77FD843EE761A16843EAB83", "24F8EA7EB04EFC7BD25A64FD77684DB61778B7EC6FF4B522D3D85CC6C84A7071", "254982B133AF87964C8EDFD23D188B5AC76FD0D3823194E367660BA1FDE55EFC", "25514A79ECD6817174D110214E069F3D23C2603471F12B322B692159C4B74847", 
"26D8B9BA25346A1142EC41EC455309415D14076E05E1C0FE94BCF3C77CFC130B", "274B8DA8E886AD10D2ABC0F17C9502879E32577228D9DECB974BCE12DF093D67", "281139F30DBD8FF3981EC6F46CCC25F3D1AB2B503A0460D13A7677E2BA52ED5F", "28AF07FA415EFB4C0600E47198E77EFE267BF4907EB58703528CAAFC4FB07FDE", "2A7A7E36601C6E4D31E8BA0D7AAC60D5687103E89CE9D3C6A19F73E786347129", "2AF38903DB3E308E6136B5CD830F4FF293CECE336C4C36CC009014DB841F32F4", "2E58B569B4DB4763709C8CD7E2753A53378BB27D938664EE87B306305B546DAA", "2E7AE1B4FCF61DA7074EF9FEB76AB3CBCB5D9C697787A4E20F66CC75980CBD5A", "2E99FBB731310229E5D67CCF834D84A3C63F588068BE4D2601929B95EFC9AA89", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "30A5CA62F6580AAFA852738DF5325C812D685A3292E94F7A9E759C1125E79A0A", "30DC450AABD11109A70A2AFC8BA5DC8E8DEFDC385B32C17C4EE2BE3BF55721AB", "32A552C9D601D5556D9E77A4710C33359E9E59554828DF5DF32E88FA7D8B12FD", "32A60A9C1BA6A62100EB71CDFA36BDD4A97E492CAF4EC2F477EF0C0B4B0BBA9B", "34BBFD07F97BF2576AFF7A58CE5BF96E2ED12ECB554A40CA1C2AF78A5DEA65C8", "3617E5DB629BF3E4966913C6CBFB7FB0D83FD9726DE73DD22305E09D36598E97", "364F8FB9BA353F400B4546D33999F70FA4F7E3F35D42B5932DC73C08163112D3", "3669E45D7FE2AA83192FF44FAA60FB349B5D39469F2B30F7D69463B2868B4908", "3751D59918B26EEDBAC0FEE1886D1A118A9D2105E993222B09C299A55F5D8424", "37C10C2D0E7D2BFB4BB1A32B884A646EE86AC573C6ABC320C9FB60A8F1A3ECB6", "38F82D2C018275ABAAA2AFC2F7D48B9C43CF8F7C91A6847F9562FF98BEDFCAE1", "399578D218F35FC9D6675721AF7C39D2DA55885F05A6050C33C7471B98FF567A", "3A0AF20F09C0B2979253C90E84B995F8CD1F83152C1ABF4731B75885693E258C", "3A60FFE4C6E74A1C21779F3EBDA68EDA39A6BE6BFE8D6C3E6E1205188F1FB85A", "3C1A78B2884463FDD0373C1C8B938DC6B62E78494896694E30B6E9004C4B927F", "3D44B41FEB67A37C1F1602DF3E14EAB1A680D6DE2E68AAD59DBA34352E7EEAF6", "3E676CEE741F035B426AAE7DF3EC83BF7941667EB382805D029B2A95E65A0352", "41A7E60233680CA9184B8E9D67180468646049DEF874B71844D07894BD303B67", "4242C683C007EE5B94B25809E80B1C728A4F2E637857CE565129C26B4FD05423", 
"4395DB4E66F99889DAFD2A4877F5DD63D932E1BAF718AD9DFD8050BE89AE7B39", "45F290647D7A4EBF1F245A22873DA3258113639A5595D4F08D5206EB9D79EBCF", "4777AA656AFE2A7E99CB0D93F8BE73D4229AC1A8C767E59363E711B828FD7059", "49B51E8647F7A4F0DC547625ABFE8CEDFE5DD4CC415227136048AF28A525CEE4", "4AD144393663479BB64C875B7B04C97712BE791D19F2EDC082CA6236DF4F9F71", "4C10A98BEE68D0B96F2823756EDF99AFABFD6558C7AACA794EB853BCFD69F5B6", "4C62280F93124FD0C7C5C20CA30CD4D137F1D0A9E1E35780DCDE98EDBCFD8B1B", "4C79E288BC340613D1B1B84DD16C4C5D8F508A64A400E10BDCB88A06FA574EDF", "4CE1B2F6454C1BD94457E47D668B97B231076132166B23B18741F946099CC719", "4D0EBCF3DF78259432BD61BF337DCCFDB5C99816A483EBDEDA43077F798CF875", "4E39FDB5C241C26D4DD2BD5D0D87CEBA03C22671C2E86D53C726034AAB37EFD2", "4EA0B21CBC1507E92BCBE50A7BEAF54CC9CB28005D7893FBDEBD48FF2E06CF9A", "4EA6551BD99CCC1B01083544B3B9ACE0C7E5D3F7A57B1B11A9189A3DEBD0289B", "4F29CA11215A2F90E9FDDE62F2C0660CD088F4BCEFA24FE3E6EBF3BF031566D7", "4F8D39F3F464E5E9FD3000C317BC69CF4FEEE9F0605C69E62D810607C6BB87CD", "505AA9046670EC3A58A3F57E2932EB46B317BDB83A271F3A6627D59B7D958183", "51B18D37F54E0E13CB87112E0323518D15B4E3A206BB32632FE2181BBF89BDC8", "52830679EDB4150222A7F147B003662FCA1434A6B008FD1B806F9E0D1196E5D1", "532726FECC3B1D24D191D2502D19E229E8A42F481E2D82243939EB0E63D6C934", "5373C123BD5452F3F195025B11A997E533EBB69D09485702AD149909222F566C", "54C108178FEFCC2E097FAAE5C25ED91CFC0811D8F54A2518390833D0DCC7402A", "554AE47CAFD99556995805FA7FBFE0CED277C443141BE5FE13550035743CABCC", "56D5C4D9B33C1F45EC0E3A48B1E1AB84BC4291F8AFD78D9A30A0AC38C27FE216", "5834E81AF46691B1D89090AAA05DF8D5F3F6ABF00015A6CCFC60814EADDADCF6", "5AB7C5317E6E4D84174BB8C187F10FDCA16906834043D64981ED07D790312C85", "5B334294B044C0ACACF432F81982EE7B36C316C5E4DACB843750BFD06F7F7764", "5C34B98542AF51151FD8AFBC3CFF0F90B850FA89055DB3424D39BEEF8638F4CC", "5C55844CADEBECD837AA331F971C7E964338AFF22322C4EDA224B5C2642A1A70", "5CAD5D32258B6EBB72263ED99B6DE586C3A3347FA7743140740A1F7CC94CC9A8", 
"5F3C4B37776986C5B6E57B0D357C4691B07BBE4E0615968E249EC3225A3DAC12", "5F4A0C2884928132058FB1F6A2A491E93E6AD59F7652C09398215C3B1702DA1D", "6137CA688C891413F0689149C983EA31FBA87F4C104EEF74658D6F747C2CE707", "61B4E445A0F5A78F102006270381D716303602D81DEE17CDF7FBA3BB9F7660E8", "62629DE5F67DA293CB06BE8405F6FC4CB1CCE306459AA1284B7EECF4846ABD20", "6276DBA59ED42176EC7E2927F0A75BDBAC09FF340317BE665F741C4CDC851A7B", "6386F8948DEE250045178259A022D70BD9E8E6003BDBD116F95FAADC25DB23C2", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "65575758CE6E879BDCFD17ADB708B2448CDF9C00E078AEFB1967358BF519C078", "656937FA945DE5E58B9B5C0431A830AA521D479596EA01ACED0A20A166C4E3B3", "65A8186C2C8977929AF35D5602314B8018A488990BBF80CB537C3CBEB0B7BEC3", "677B50D118494C17178E83DB6E0C50351EE6636792748E40043E3B9FBFAD274E", "683AA37B653363FD02791BC7A1F7CD150251CE22393F2B9CFA26550B7F995A3A", "687EF3D9E4C66E2EC0DD556D7C5488A09AD8CF69EA1010A9456E63DF45C0B64F", "6949963E8F8CDBBF076CCA42C1B972D8C4F8D8949B9544DFC6B3726DC3985FF2", "6B9D154BCE10DADDC28B259A53CDE7ADF906DBCB05E8EF0696407EACF7A37CB7", "6CAE2D44529EB3ACB88F1CD69BAC17D0CEAF1019A014DB789505665B46AF09B8", "6D2D8D71D69D8461F2745DEFFD034354BC044D7FD0B5D5FBFE539BAF7E45610E", "6DFE02E47206439339CF69003DED7C6A339BE8A9FDA6611EA300ACF64BDB9DD1", "6E896C3EA4E119BB94E79619FA7DDA4DD85C924131CFD25FA41D57AE7BF850C4", "6F4E5F0514046C4DFF7589304AC388DE078407580FB80C083E9C6EEB1EF34EAA", "71ACC821294C80E8F3B99B72E48078130FBD6C877B71E1CB158D6280A8292D99", "7379F90289C2C7A342F16A37575837A2FA27EB95290E6923107C2F8F596E9C51", "742165674E677DC9026C3F2D2245AFC118A59A752987D90E7AA7D17B911AC473", "74F2A94336E51B0E3062906A1A2B7FB8CDE35DFD901789C840E3CE1DA62E9EF6", "75C113431E513074D4D209CC5AC455FE9F61680A636C3E65E4D9B0CCFE8418FE", "7712F0249FC574F5E6BB742100BF0E53D089C499325D28D0E2739DFD47B4CADA", "773DF59135D4359E400DA2F53BD1A07B522C82B129F5EB663E98FC1F914F61B6", "775D8920A06E5F5CC834DDA404C4673AEF466A8D02F754107379066E0186B27F", 
"776E59F33E05F53F4D8E2B52654DB6FDB03DD90810E22E6FFAA03C220C3AB3C0", "77749493A2DBD6936C13EAA63911F6136F55AE09D2D48DC2785E79841B40FED4", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "790C6DE37FC85CD0EB50AB9506237BA69A094168AF99EC98BABC7F19E45BB02C", "7A2AB93E7F0DDAB709E04C2A3083F01A78EB3403F2956781D7C650C866D62D59", "7A34C5EA3878227646136480AF345DCC5DF882B26F65D3380EC0064BCCA45485", "7D158CE8DF0EAA9F8D32E562C6E3311BC04075EC6BE07466A648F40065F0CEAD", "7D5F67B024CC722E64940926530895B91C48128A6056A36954C9F9887726DFAE", "7DD716937833D26A273805FDD75DAA8EAD29675C677E895818B69342B893BC91", "7DE31DC20B322964CB6C48106E631D9D14B3967BD45EF2F7D2C8FA587E1AB212", "7E466DB7C3E6D0FD95B6290D6AABCA2CA5965052B0CC5CB552473151BFA7576F", "7E48E83AB3B599D048D884D2F2A9C830676F7F8EE7EFC2B799BFE4618D5E9A2F", "7EDC7E4A607AC78AB259E545462224179BA0B894DBBE1C19D52406785B960D30", "80AAF4A30BE5F1921DC1F8A0F5E3FCE4216BB1E2506D45A0C54426AE990BED7B", "8107BB155AFB4DEF24A8F7E9A5B84FB121DF87688100C00C435732A2636A741D", "817B7FFB07801BE45BBA7907DB38E30FA02DAEC38ABDAC204FD15158D630635A", "82D897D235CFB70936ACD9CA3E6034885E56EBCC4A41A67CD33F1077B9C80885", "841ABF9ADD122315E9FF98182FCCE868E8819519D3577D87A3CBDF6FFE75C0B5", "85A43C6C41FE576C53B5C843A1000693B1568987B2D6E8A8433139503B995ADA", "86075B9E2A02E79CBD1F591858642BFE044654A853F3F5F3598C54C2E1802DAC", "8629C8E12419043B52B91489ACD79D1F6E5D0B66C9F87EBC55D577A7264A367E", "892C2279CFEC7CA12EB9F574A7BEA32252BDCF0D00F2BAE9DEA59A1A2E88583A", "8A2122A2D08687D5F2BE22697893E3A1D85402BDEA7B7A660E4020DCC74A1F17", "8A9DA62ACD0528EEF6577A7929613A497D58F78FF0E64379975CCC381DD42953", "8BA9843CD049A6B3B2568D750B3B848AF7F394867B3914172C3057506982747A", "8CD12EF78572A4084B09F1DEB451D5D52F854099E5B1A1A30714B96E6F38483F", "8D64F104C14AF2A33552E861AE403F451EDADB214820F820DA429C523DB6D464", "9010170C5F6615B41D0D1BF7C1A4DCA2E6A385A931EF64941B7395737D4C1BB1", "926EC2BBAF756385F2D7D4C5C98F9F630DFB49737FCEF5BB68A74EB910687527", 
"94283DE0584ABF5D790E0534ED68F70746D7978ACD04057D9A9DAD20D45397A9", "94B983AD780E14AA5F44732446E343898FA3AC275A33BBD3BB9665EF2A6B3EC0", "9571CC4C328FC49BDE460E3DDB8089A16540E8193A13ACAE69B87BCD550C3EF1", "96080ECFBE42CEF2D63B1341838131BE1CCC2B5F08130E2F678CCDCE13FAE376", "968F76B061F639B6B747F38EA0B563E31C681273189E02F178403D72D7E18BAF", "97CF7C515357F1AFFF5BDC937895F029179A2F0A599F6865A2F4BA81F8C07371", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "98283CFA95F6BF8734797F60CE0F1633CDE2F2CFE8B1C29D35562086E63F1486", "995F5E76978D4608B874A2D971B720695F0E88D78837491A71B32497C4E691FF", "9ADBDDE58661CDBE895EF30C5FC7969CE502BC90E9C6CAA210F0E36F82C8B330", "9BA7990CC3D9C20113440CD1A4AB058DB6D9EBA8AD303D4021A3D4CAAE12DDA9", "9BDA6E33706D0CA5C43FCD01EF51E48EB25CD2D133A018AEDB2FE563EC3BD7DC", "9C01855DE792DB516073FE7D57766225D3D1F4F50386D124FC6880AE615E0F6A", "9C2F629D74A0CEB50295825F06E9E3F031D43FAA69C3940ECFB41EE6607361C2", "9DF27773FEA6077586585C5DC66BDAD3B9D978F5FE116E7907CF12018A0037BA", "9F484A66F3F1523254A7A09DD83CED315E60D105E9F53AE44E078BF8618E95CE", "A09018951A0F9F0B9C85455ECAA1455C0E32A9D1AD52716AF4DC1D2F9A4B8983", "A0CD9A22E5D088DB9C207BFDB7A5A5C2C5314C8720A58AA744A101705F8C5E9E", "A1A641310DC3EC26A5A32A1491C4AE50BBBBBEA686B4FCC9322DE02CB90D7FBA", "A2D06FB3017FCE651EA8255C84E9C676D1204865B3375BA8E8B8F438AA9B7256", "A30E12F2B88961A3A2DDF78E8F637D42FABAD056F16A2A25EE7CD0751F6D5DF5", "A3AA1EABC04F772D5CDA8853B864F229765DC4A3D9C4B8F0FBF97542821DB5E9", "A5BA8A613951DB71615997A50576EA856CF6F241F65D49864518CC076EDA448D", "A5D273C4869530B1BDDB415E45BEC7D916490C3278ABAC423D76AA509827EAA0", "A5DABD1C1B1C58D900A9518CCA7EC1C03488CC2DF1750F65600D7F0C8E0E4763", "A5F646FF4C83A4B1D2C8B47FCAC3D208DF17454D859B9AB5DD63F0E74300162C", "A654DFD6FE6FCF2884AC0707849B43D4C36CBD6723597614360CB1EFD332EC39", "A66C63EF0F6CFF0B1CEDB2424C9895AB725EE1676F2D1539AB91A9FAEC802564", "A6A112C52CDAC99718BF9E5ED7E1CCFB273A24E89BEB3F4E10C47B550A16F536", 
"A6D737ADE03B032A42291D50B5DFC8276AA6AB0C24E9163A9958098D0E9747B6", "A701AFC8C238BDFFC275CACF75BFA2343212CCA8077B0C43D13D17FB1392C9ED", "A8EC4F91E2F013791F540F670A3496CAD8D5C16347308AEC3639DD391A2968DD", "A940117E958EE36E02113835473941A256BE8B1C435DA9C009579A05389EE9E9", "AB7E82CD356AAA55900FFB785ECCA647E2DE687F0BE610FBC448CF5A139EB4CF", "AC1428711C403C1B4769984234D50FE4F5F83D8DF9CF99F7834FADA33056EC4D", "AD6CCE2A1D5A9869BD583668A696E96D5711DC6790008CC35A1991D46E49ABE2", "AD86702782A27B125C52925B01186F115FDFFD74D9D5E408D9B6FF77D740FAF6", "AE567113545218823FAE52D3A477168F041C0F35D4EE0A605E4BEBE15225DAAD", "AED0F240DF3C88F319E3FB42ACD61D16097A82B46ED80B7D90B6C196F011838C", "AEDA88262CA7D9131BC64000D7DB1B57E10378E85003F0929852E5336EAE0A2E", "B0528F9B036E05AC9A10262631DAF76C50D058E8380B936E9BB1177907389047", "B0DF32322CE6A2B6D1EC5D029C9322141A4F0B90F6393DD9417AE692DA63CE98", "B0FB98D09F3AB63566DF3496E722777261EC73210A72EB2A2FAB701E3D4F7054", "B18AE52E5F4054F9AA7E88AFDF03E21D1BB07DBFCC88E226C3B097EF37102A0C", "B1A7EA382E1811C14DF51844F0D630A15CC26815C0D6C2E6A724EFCC852D8689", "B29B1371AC288FDC546A02113375596BEABE9D719A718096D400DC04D07B592D", "B498A5EBA0E68B48D535AA59E01B9097C6BDB3E1AB3D4647DCF6C37E05CB58B8", "B50225E1F5F9491DF9312C4BA65827C39ED2C94DA68FDCD665A8F00832D51302", "B55C78ED054A04D7CF402F9C161B9C4DF1BB709929540DC002FF6E726FE16F65", "B5C3610D9ED880EBEC70F8F5BB155DCB1AB3B2C613D9414244D516D98988F05E", "B76DC607E6D34377EEE262425D123BE37DE9976C1E8C0C2879E6953C356E7375", "B7D409E9A403BA9F7B31027D06EA38DD15E5D87F56D21161B5BA8A2053445315", "BB600B119BB0BCBE0C1A441D96B93496AC1319A4F50379AB81C6EC6E8A6222AF", "BC1C22C92E0CEE8467256F78F387FAEA6F852E767E00D35A6A75231D35E5F318", "BD2428A25CDF59A301746E815BB63D51A58CED4A1661B99FD4945DA5FCFF3BF8", "BD333283E74EA7CC4FECA64B1589C8F73EF2945CABB8B7545BC00F65676717A0", "BE51B4D7BA3C4A79DE20E3F69DBE84BE8D31F54B22537E29FF188C8E94FD3552", "BEE498D64CA2EADF926E0FE823248FE0159CFE6EC6405F64A375B2DE213482D4", 
"BEFC933A21032B37E4962F78D8A8AF4D98F80A7271C82DBAF99BCE169CC38F0B", "C0C635C3D1BDFFF4279719843730FED33753DFD9A52C5B43AE4A48433A539739", "C1496EC4045B1D46025659B86814D1D0EF8F5054AB7B5935417CDC9116D1E1FD", "C14C4B4001324D7874D8503808C407F8FBC26EAEFD9302E46B156E1EC130DC3F", "C197CFA48A392ED032551EAF7A52941BDFF0E637471A2CF6510D6AA764C7CB3F", "C26565231FCCD49F3C622767588121FC9085B877AD8E5C33D034BF636DC48217", "C38D6ABC79203A68FBEFD4AF0550B930A12344E61F2BA7EBD4A32B10F48FF4F4", "C596338966F1610A28DC01FBB21502CC71651B70DBC8B96D9603EBE432E4D5E6", "C782E28D921E60ACB8E9DA8D4E896C767C63812207127F74F0A2911E51EF5864", "C815D5BA0527F8CF454767B7D16A6B819AF9B998FAC3AFC2A63E79F6A57AD83A", "C88F1D0F2E82F0BAF248BEFD6CE8600095CB7D8242F192906DA3D353C6731D59", "C8E3076BF00DD8380618AD02C4DDA7DF7604CC6B6A724449CCB6A06853CAED2A", "CA1E3EFC07D22B2DA86595362931D640F30F757529856481F669DB4619DAD922", "CA6E62CB32AA91296638D9DAB5072711CB69A35615F7FC69D8B55BD25BE71F67", "CB765B8720A2E211CEA709C71E6C4409A9A1FE0813B5C8FA4AE6417BE059E68A", "CCE2284A1DEFC26817EC9BCCD38DA7A3854365480FF9426304A46C0C98F30195", "CD40DD149C78115FC5E14131A8469B7F2D7DDB0549913613CBD15A792ECBBE37", "CDD93933A317B04B50C248F3EB04FC47F3F9FD68CCF07F6CAD56D189A531A84D", "CE17FB486A383FDA7CA58E6E9EBC670CBD8C99F75AB7AAF454F6CC73755CB8C6", "CEF374057D7807F5D35968E4C55414081A5A0BD61843509DA73FCFE986EFFD24", "D0B31273B5CAE7971F9FBEBC2F13E62ED0E72188BCE9AE7F9E483C591E4A9F50", "D1D43CB4C651EC344A506E76FAFAC5A1C0BA2618CF89E0668701D13B96168171", "D288D5ADF67DE9C3743BE8316D7F496F7CA64A396C1E8E9019178232D17AF15D", "D3C347A5A7C4AA243B17CFCC5AD0080A2A49CC6A651602DF047BC554082EB3A1", "D539341B64A88A49490C3C0F20392F7B5A9616A42C069A2509BF53F2F8A4D618", "D5669E8BD806DAFD5634A46DC91CB3F3DF803505AB2E560048173E1D18CE20EB", "D56EBBD4671C81624AEF1C667DA00AAEE24DD2706C019B41D11E21168679B99D", "D7223669F837AB80390958B899F52861611C307D6B8D138B8989B36879EA3A71", "D77771C02C6376843FB0E711FB076CBE28430C3CA93055946AA808EB2C0F5EEA", 
"D919DD3ABC738C78F022F9616EE0C0EF09AB2836986990B6A556B4429C4C843E", "DC103410561C74F2BE482D1DC9D39673C4CA0201FA7430A6DA0052ED558DCC5F", "DDD4AB992BDFCF47B1C63583774DFCACB217D68082641AA2E66EEFE336297568", "DDE11A6EB73BE3F98B37D85D58288FC1BB387A976FF07E231F2FC766E2B956AB", "DE3422F091BEAF937A6AAF2F474509A669B7CE95027496E1A397C52DB56CA841", "DED899C681C4F01F658F5349E77058BDF8C51E88FADBC17AC63AAD856B4CADE5", "DF4E13C85EACFEE2051B7981ADDB31432F47A19BDF5522096B79CAE0037CA8D9", "E0FDC61D822C325E91C2F377292B2B9F1F3CF389F1853458926D9A8FF435767B", "E3E29938D5D0031514AFE0A7E80C2513F25C4DCE6D5E26A93BE99C9CA93B0FEA", "E5052C6907E510F3C222AB3068E9D182E3424180C76B6CCD3492774F29990346", "E5B87A13371E713ADEF3FE7406AE533F7BBE73CA43581E79D929A91E3864ECDC", "E7656AF9CD390F5923F2057D1E129C55B9278BD1872617B38D1DAA13A55E0AE0", "E7B4E1607446FED2E1EA3DED4F35354BBD746B762279FBE37A746CB69873BBAB", "EB8F31C93BD7E41A11EB86029A059AA21310DE2294422DCEDE1529D9B98A0560", "EC94C08957C3FC96E55B7BF4B4A74A2D96A2DDE26A96A649E7FE9C97C31958BD", "EE6A497E94604BB79DF6958408A4B3526A8046A68E01669E6E70BBCF080D8A50", "EFEF2244E948829C5D18D7E375890D878EF65279FF91004B2295614B4406FAED", "F022B1455D4614E425E2D78BC02FFB6A7F2D5B177BF3F93F521E8EFBA5BEE1DE", "F06515C6AEE16B93C29B3C5AE8DD30898074C698C0C44BA3E8EEB165C7BC1C7B", "F0AFFAB5446BEF6A6B346CA7237A1583252E55B1EA002352E7DFDFFB5796363C", "F117DBDFED6B212106F9E2337E83226A94DDA2D7BE2380A5E5AACD18D954EB5B", "F3DCE3C5833C49557020B40FD1488FEA652FBB7103978A659A3D71B569B8213C", "F3E031EE1A516EA99D2090D5BCF18F17CB05168CD220DB3ED9A3C93DFB2F1DEB", "F3F852CA57F1D635AD9D70D1C461917BDB89BE30E041807BC8773FD8BCD92529", "F5EB55E6DBF388E7CB6C76AFCD8A50A86C1FE6B41E6933749DC88EF56B7E408E", "F65F1D96E364841337F0770420AA39E180E57CF181628F15C7259D9D9A9E8BDD", "F785AF48921E783296B2A0239E86F7705BC5B4E3FB2AA02AA9A98C937586E394", "F81CC2CEFCE57B6F2DEE1FB27B0ACC6ABAF6C20F5B4D8FA1386FDE0E8AEFB952", "F847189F837954832A5D4C79716968441854E0CF05BFA8740F540844BB54683A", 
"F886086D62B136A906CD0EB998C3D948DAA60D49CBC1EB1C4BA913829EF5727E", "F9D06594A00624E53C29A51D70903B1B9259203EE3DF4AB0E886987AC14CFC1A", "FA28CB50714C2E033435E17981D021316797914289ED09AB906E1A7CBA22C8A3", "FB43C322D859482E6F424163C13881EEC31212B103D2BE6DF6958A5644CEC6E6", "FB7767D2479CE90F8E41353C5A1CFE5538D8D792872CDAD36296F6141E41513B", "FBEF03A095B8D1E19B9E4037A274023851826F494D85383B4064E73E0E5C4B81", "FC67824EDEA7266EC4ACC4A9FF987D99A6B7A246B5DEA115F33425EDCEE6D155", "FE1BF646F073E0CD70183824B616E6F0E4BCE19482B6A4D40D24FE61BAEF307F", "FE6D95CEEFE9596CD6D6134F8326AB13E3C97D550B3E62F57DECDBDBC51C329A", "FEE45A44E8C46E13896C20C8C9B2A275C16E5652E4DF723FE4A044838B932DB1", "FFEEC184B6E70C6210AE293D53A3A1B1504EA119812486B8160ACE05A643D9DD", "FFFC975129255F81268D3FCA3749E94C10CC5947120F8A0C2ECF652F4D79545D"]}, {"type": "ics", "idList": ["ICSA-21-336-06", "ICSA-22-069-09", "ICSA-22-116-01", "ICSA-22-130-06", "ICSA-22-132-02", "ICSA-22-167-14", "ICSA-22-221-01", "ICSA-22-221-01-0", "ICSA-22-258-05", "ICSA-22-272-02", "ICSA-23-059-01", "ICSA-23-075-01", "ICSA-23-080-07", "ICSA-23-143-02", "ICSA-23-166-10", "ICSA-23-166-12"]}, {"type": "kaspersky", "idList": ["KLA11475", "KLA11621", "KLA11718", "KLA12007", "KLA12017", "KLA12369"]}, {"type": "kitploit", "idList": ["KITPLOIT:3974184594574360239"]}, {"type": "mageia", "idList": ["MGASA-2019-0283", "MGASA-2019-0387", "MGASA-2020-0070", "MGASA-2020-0078", "MGASA-2020-0240", "MGASA-2020-0324", "MGASA-2020-0338", "MGASA-2020-0362", "MGASA-2021-0108", "MGASA-2021-0138", "MGASA-2021-0150", "MGASA-2021-0162", "MGASA-2021-0167", "MGASA-2021-0178", "MGASA-2021-0218", "MGASA-2021-0220", "MGASA-2021-0245", "MGASA-2021-0265", "MGASA-2021-0275", "MGASA-2021-0294", "MGASA-2021-0303", "MGASA-2021-0308", "MGASA-2021-0318", "MGASA-2021-0351", "MGASA-2021-0362", "MGASA-2021-0371", "MGASA-2021-0404", "MGASA-2021-0429", "MGASA-2021-0441", "MGASA-2021-0446", "MGASA-2021-0560", "MGASA-2022-0028", "MGASA-2022-0035", "MGASA-2022-0047", 
"ELSA-2022-4592", "ELSA-2022-4899", "ELSA-2022-5163", "ELSA-2022-5250", "ELSA-2022-5311", "ELSA-2022-5317", "ELSA-2022-5326", "ELSA-2022-8418", "ELSA-2022-8420", "ELSA-2022-9017", "ELSA-2022-9023", "ELSA-2022-9224", "ELSA-2022-9225", "ELSA-2022-9233", "ELSA-2022-9234", "ELSA-2022-9237", "ELSA-2022-9243", "ELSA-2022-9246", "ELSA-2022-9249", "ELSA-2022-9255", "ELSA-2022-9258", "ELSA-2022-9263", "ELSA-2022-9272", "ELSA-2022-9358", "ELSA-2022-9421", "ELSA-2022-9564", "ELSA-2022-9565", "ELSA-2023-12349"]}, {"type": "osv", "idList": ["OSV:CVE-2018-25032", "OSV:CVE-2020-12762", "OSV:CVE-2020-14155", "OSV:CVE-2021-23841", "OSV:CVE-2021-25219", "OSV:CVE-2021-28153", "OSV:CVE-2021-31566", "OSV:CVE-2021-33560", "OSV:CVE-2021-3712", "OSV:CVE-2021-40528", "OSV:CVE-2022-0778", "OSV:CVE-2022-23308", "OSV:CVE-2022-29824", "OSV:DLA-2228-1", "OSV:DLA-2228-2", "OSV:DLA-2301-1", "OSV:DLA-2303-1", "OSV:DLA-2340-1", "OSV:DLA-2340-2", "OSV:DLA-2381-1", "OSV:DLA-2563-1", "OSV:DLA-2565-1", "OSV:DLA-2590-1", "OSV:DLA-2600-1", "OSV:DLA-2647-1", "OSV:DLA-2648-1", "OSV:DLA-2648-2", "OSV:DLA-2691-1", "OSV:DLA-2766-1", "OSV:DLA-2774-1", "OSV:DLA-2790-1", "OSV:DLA-2807-1", "OSV:DLA-2952-1", "OSV:DLA-2953-1", "OSV:DLA-2968-1", "OSV:DLA-2972-1", "OSV:DLA-2987-1", "OSV:DLA-2993-1", "OSV:DLA-3012-1", "OSV:DLA-3044-1", "OSV:DLA-3110-1", "OSV:DLA-3114-1", "OSV:DLA-3152-1", "OSV:DLA-3154-1", "OSV:DLA-3202-1", "OSV:DLA-3469-1", "OSV:DSA-4500-1", "OSV:DSA-4606-1", "OSV:DSA-4741-1", "OSV:DSA-4855-1", "OSV:DSA-4870-1", "OSV:DSA-4878-1", "OSV:DSA-4889-1", "OSV:DSA-4909-1", "OSV:DSA-4963-1", "OSV:DSA-4965-1", "OSV:DSA-4994-1", "OSV:DSA-5018-1", "OSV:DSA-5070-1", "OSV:DSA-5103-1", "OSV:DSA-5111-1", "OSV:DSA-5142-1", "OSV:GHSA-4V4G-726H-XVFV", "OSV:GHSA-4W2J-2RG4-5MJW", "OSV:GHSA-5XP3-JFQ3-5Q8X", "OSV:GHSA-84RM-QF37-FGC2", "OSV:GHSA-8H2J-CGX8-6XV7", "OSV:GHSA-8M5H-HRQM-PXM2", "OSV:GHSA-94HH-PJJG-RWMR", "OSV:GHSA-9654-PR4F-GH6M", "OSV:GHSA-9PGH-QQPF-7WQJ", "OSV:GHSA-9W8R-397F-PRFH", "OSV:GHSA-C28R-HW5M-5GV3", 
"OSV:GHSA-CGX6-HPWQ-FHV5", "OSV:GHSA-CQCC-MM6X-VMVW", "OSV:GHSA-FQ42-C5RG-92C2", "OSV:GHSA-G3RQ-G295-4J3M", "OSV:GHSA-G954-5HWP-PP24", "OSV:GHSA-H4M5-QPFP-3MPV", "OSV:GHSA-JC36-42CF-VQWJ", "OSV:GHSA-JV3G-J58F-9MQ9", "OSV:GHSA-MRGP-MRHC-5JRQ", "OSV:GHSA-PQ64-V7F5-GQH8", "OSV:GHSA-Q77Q-VX4Q-XX6Q", "OSV:GHSA-Q9WJ-F4QW-6VFJ", "OSV:GHSA-QGM6-9472-PWQ7", "OSV:GHSA-RVCW-F68W-8H8H", "OSV:GHSA-V6GP-9MMM-C6P5", "OSV:GHSA-X3MH-JVJW-3XWX", "OSV:GHSA-XFHH-G9F5-X4M4", "OSV:PYSEC-2021-100", "OSV:PYSEC-2021-140", "OSV:PYSEC-2021-141", "OSV:PYSEC-2021-421", "OSV:PYSEC-2021-437", "OSV:PYSEC-2021-66", "OSV:RUSTSEC-2021-0057", "OSV:RUSTSEC-2021-0058", "OSV:RUSTSEC-2021-0098", "OSV:RUSTSEC-2022-0014"]}, {"type": "owncloud", "idList": ["OWNCLOUD:CVE-2018-25032"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:167345", "PACKETSTORM:169825"]}, {"type": "paloalto", "idList": ["PA-CVE-2022-0778"]}, {"type": "photon", "idList": ["PHSA-2019-0190", "PHSA-2019-0198", "PHSA-2019-2.0-0190", "PHSA-2020-0047", "PHSA-2020-0049", "PHSA-2020-0093", "PHSA-2020-0101", "PHSA-2020-0108", "PHSA-2020-0249", "PHSA-2020-0256", "PHSA-2020-0264", "PHSA-2020-0281", "PHSA-2020-0298", "PHSA-2020-0305", "PHSA-2020-1.0-0264", "PHSA-2020-1.0-0281", "PHSA-2020-1.0-0298", "PHSA-2020-1.0-0305", "PHSA-2020-2.0-0198", "PHSA-2020-2.0-0249", "PHSA-2020-2.0-0256", "PHSA-2020-3.0-0047", "PHSA-2020-3.0-0049", "PHSA-2020-3.0-0093", "PHSA-2020-3.0-0101", "PHSA-2020-3.0-0108", "PHSA-2021-0007", "PHSA-2021-0030", "PHSA-2021-0038", "PHSA-2021-0039", "PHSA-2021-0043", "PHSA-2021-0047", "PHSA-2021-0051", "PHSA-2021-0077", "PHSA-2021-0094", "PHSA-2021-0123", "PHSA-2021-0124", "PHSA-2021-0129", "PHSA-2021-0140", "PHSA-2021-0200", "PHSA-2021-0213", "PHSA-2021-0240", "PHSA-2021-0241", "PHSA-2021-0251", "PHSA-2021-0253", "PHSA-2021-0257", "PHSA-2021-0281", "PHSA-2021-0290", "PHSA-2021-0303", "PHSA-2021-0325", "PHSA-2021-0333", "PHSA-2021-0348", "PHSA-2021-0354", "PHSA-2021-0355", "PHSA-2021-0361", "PHSA-2021-0365", "PHSA-2021-0366", 
"PHSA-2021-0376", "PHSA-2021-0377", "PHSA-2021-0378", "PHSA-2021-0383", "PHSA-2021-0395", "PHSA-2021-0396", "PHSA-2021-0412", "PHSA-2021-0414", "PHSA-2021-0429", "PHSA-2021-0435", "PHSA-2021-0448", "PHSA-2021-1.0-0366", "PHSA-2021-1.0-0376", "PHSA-2021-1.0-0391", "PHSA-2021-1.0-0396", "PHSA-2021-1.0-0401", "PHSA-2021-1.0-0409", "PHSA-2021-1.0-0414", "PHSA-2021-1.0-0422", "PHSA-2021-1.0-0429", "PHSA-2021-1.0-0435", "PHSA-2021-1.0-0448", "PHSA-2021-2.0-0325", "PHSA-2021-2.0-0333", "PHSA-2021-2.0-0348", "PHSA-2021-2.0-0354", "PHSA-2021-2.0-0355", "PHSA-2021-2.0-0365", "PHSA-2021-2.0-0377", "PHSA-2021-2.0-0383", "PHSA-2021-2.0-0395", "PHSA-2021-2.0-0412", "PHSA-2021-3.0-0200", "PHSA-2021-3.0-0213", "PHSA-2021-3.0-0240", "PHSA-2021-3.0-0241", "PHSA-2021-3.0-0251", "PHSA-2021-3.0-0253", "PHSA-2021-3.0-0257", "PHSA-2021-3.0-0281", "PHSA-2021-3.0-0290", "PHSA-2021-3.0-0303", "PHSA-2021-3.0-0327", "PHSA-2021-4.0-0007", "PHSA-2021-4.0-0030", "PHSA-2021-4.0-0038", "PHSA-2021-4.0-0039", "PHSA-2021-4.0-0043", "PHSA-2021-4.0-0047", "PHSA-2021-4.0-0051", "PHSA-2021-4.0-0077", "PHSA-2021-4.0-0094", "PHSA-2021-4.0-0123", "PHSA-2021-4.0-0124", "PHSA-2021-4.0-0129", "PHSA-2021-4.0-0140", "PHSA-2022-0145", "PHSA-2022-0155", "PHSA-2022-0162", "PHSA-2022-0167", "PHSA-2022-0171", "PHSA-2022-0198", "PHSA-2022-0243", "PHSA-2022-0246", "PHSA-2022-0300", "PHSA-2022-0353", "PHSA-2022-0356", "PHSA-2022-0371", "PHSA-2022-0373", "PHSA-2022-0375", "PHSA-2022-0381", "PHSA-2022-0399", "PHSA-2022-0411", "PHSA-2022-0434", "PHSA-2022-0450", "PHSA-2022-0452", "PHSA-2022-0464", "PHSA-2022-0479", "PHSA-2022-0512", "PHSA-2022-0513", "PHSA-2022-0515", "PHSA-2022-0517", "PHSA-2022-3.0-0353", "PHSA-2022-3.0-0356", "PHSA-2022-3.0-0371", "PHSA-2022-3.0-0373", "PHSA-2022-3.0-0375", "PHSA-2022-3.0-0381", "PHSA-2022-3.0-0399", "PHSA-2022-3.0-0411", "PHSA-2022-3.0-0445", "PHSA-2022-3.0-0447", "PHSA-2022-3.0-0449", "PHSA-2022-3.0-0452", "PHSA-2022-3.0-0507", "PHSA-2022-4.0-0145", "PHSA-2022-4.0-0155", 
"PHSA-2022-4.0-0162", "PHSA-2022-4.0-0167", "PHSA-2022-4.0-0171", "PHSA-2022-4.0-0198", "PHSA-2022-4.0-0243", "PHSA-2022-4.0-0246", "PHSA-2022-4.0-0300"]}, {"type": "qt", "idList": ["QT:4450E23D85850EEC88DDB90DB16B99C2"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:9F041FBF31AA14C1B0593ECDE945330B"]}, {"type": "redhat", "idList": ["RHSA-2019:1243", "RHSA-2019:4238", "RHSA-2021:0781", "RHSA-2021:1168", "RHSA-2021:3016", "RHSA-2021:3252", "RHSA-2021:3254", "RHSA-2021:3325", "RHSA-2021:3798", "RHSA-2021:3873", "RHSA-2021:3925", "RHSA-2021:3949", "RHSA-2021:4032", "RHSA-2021:4139", "RHSA-2021:4150", "RHSA-2021:4151", "RHSA-2021:4160", "RHSA-2021:4161", "RHSA-2021:4162", "RHSA-2021:4198", "RHSA-2021:4201", "RHSA-2021:4358", "RHSA-2021:4373", "RHSA-2021:4382", "RHSA-2021:4384", "RHSA-2021:4385", "RHSA-2021:4386", "RHSA-2021:4387", "RHSA-2021:4396", "RHSA-2021:4408", "RHSA-2021:4409", "RHSA-2021:4424", "RHSA-2021:4426", "RHSA-2021:4455", "RHSA-2021:4464", "RHSA-2021:4489", "RHSA-2021:4510", "RHSA-2021:4513", "RHSA-2021:4613", "RHSA-2021:4614", "RHSA-2021:4618", "RHSA-2021:4627", "RHSA-2021:4750", "RHSA-2021:4845", "RHSA-2021:4848", "RHSA-2021:4861", "RHSA-2021:4863", "RHSA-2021:4902", "RHSA-2021:4914", "RHSA-2021:5038", "RHSA-2021:5127", "RHSA-2021:5128", "RHSA-2021:5129", "RHSA-2021:5137", "RHSA-2021:5226", "RHSA-2022:0015", "RHSA-2022:0034", "RHSA-2022:0042", "RHSA-2022:0043", "RHSA-2022:0044", "RHSA-2022:0047", "RHSA-2022:0056", "RHSA-2022:0064", "RHSA-2022:0163", "RHSA-2022:0202", "RHSA-2022:0254", "RHSA-2022:0318", "RHSA-2022:0368", "RHSA-2022:0370", "RHSA-2022:0431", "RHSA-2022:0434", "RHSA-2022:0444", "RHSA-2022:0445", "RHSA-2022:0476", "RHSA-2022:0477", "RHSA-2022:0485", "RHSA-2022:0492", "RHSA-2022:0493", "RHSA-2022:0577", "RHSA-2022:0580", "RHSA-2022:0585", "RHSA-2022:0595", "RHSA-2022:0634", "RHSA-2022:0687", "RHSA-2022:0721", "RHSA-2022:0735", "RHSA-2022:0842", "RHSA-2022:0856", "RHSA-2022:0892", "RHSA-2022:0896", "RHSA-2022:0899", "RHSA-2022:1039", 
"RHSA-2022:1041", "RHSA-2022:1042", "RHSA-2022:1051", "RHSA-2022:1065", "RHSA-2022:1066", "RHSA-2022:1071", "RHSA-2022:1073", "RHSA-2022:1076", "RHSA-2022:1077", "RHSA-2022:1078", "RHSA-2022:1081", "RHSA-2022:1082", "RHSA-2022:1083", "RHSA-2022:1091", "RHSA-2022:1112", "RHSA-2022:1263", "RHSA-2022:1356", "RHSA-2022:1357", "RHSA-2022:1363", "RHSA-2022:1370", "RHSA-2022:1389", "RHSA-2022:1390", "RHSA-2022:1396", "RHSA-2022:1476", "RHSA-2022:1519", "RHSA-2022:1520", "RHSA-2022:1591", "RHSA-2022:1622", "RHSA-2022:1642", "RHSA-2022:1661", "RHSA-2022:1679", "RHSA-2022:1681", "RHSA-2022:1713", "RHSA-2022:1715", "RHSA-2022:1734", "RHSA-2022:1739", "RHSA-2022:1747", "RHSA-2022:2031", "RHSA-2022:2092", "RHSA-2022:2183", "RHSA-2022:2192", "RHSA-2022:2197", "RHSA-2022:2198", "RHSA-2022:2201", "RHSA-2022:2213", "RHSA-2022:2214", "RHSA-2022:2216", "RHSA-2022:2217", "RHSA-2022:2218", "RHSA-2022:2264", "RHSA-2022:2265", "RHSA-2022:2268", "RHSA-2022:2272", "RHSA-2022:2281", "RHSA-2022:2283", "RHSA-2022:4584", "RHSA-2022:4592", "RHSA-2022:4668", "RHSA-2022:4671", "RHSA-2022:4690", "RHSA-2022:4691", "RHSA-2022:4692", "RHSA-2022:4814", "RHSA-2022:4845", "RHSA-2022:4863", "RHSA-2022:4880", "RHSA-2022:4896", "RHSA-2022:4899", "RHSA-2022:4956", "RHSA-2022:4985", "RHSA-2022:5006", "RHSA-2022:5026", "RHSA-2022:5069", "RHSA-2022:5070", "RHSA-2022:5132", "RHSA-2022:5152", "RHSA-2022:5163", "RHSA-2022:5187", "RHSA-2022:5188", "RHSA-2022:5192", "RHSA-2022:5201", "RHSA-2022:5250", "RHSA-2022:5311", "RHSA-2022:5317", "RHSA-2022:5326", "RHSA-2022:5392", "RHSA-2022:5439", "RHSA-2022:5483", "RHSA-2022:5498", "RHSA-2022:5525", "RHSA-2022:5531", "RHSA-2022:5556", "RHSA-2022:5673", "RHSA-2022:5699", "RHSA-2022:5704", "RHSA-2022:5840", "RHSA-2022:5908", "RHSA-2022:5909", "RHSA-2022:5924", "RHSA-2022:6024", "RHSA-2022:6040", "RHSA-2022:6156", "RHSA-2022:6271", "RHSA-2022:6290", "RHSA-2022:6346", "RHSA-2022:6348", "RHSA-2022:6422", "RHSA-2022:6424", "RHSA-2022:6427", "RHSA-2022:6429", "RHSA-2022:6430", 
"RHSA-2022:6507", "RHSA-2022:6526", "RHSA-2022:6696", "RHSA-2022:6890", "RHSA-2022:7144", "RHSA-2022:7813", "RHSA-2022:8418", "RHSA-2022:8420", "RHSA-2022:8841", "RHSA-2023:0943", "RHSA-2023:0975", "RHSA-2023:0976", "RHSA-2023:3742"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-20673", "RH:CVE-2018-25032", "RH:CVE-2019-13750", "RH:CVE-2019-13751", "RH:CVE-2019-17594", "RH:CVE-2019-17595", "RH:CVE-2019-19603", "RH:CVE-2019-20838", "RH:CVE-2019-5827", "RH:CVE-2020-12762", "RH:CVE-2020-13435", "RH:CVE-2020-13950", "RH:CVE-2020-14155", "RH:CVE-2020-16135", "RH:CVE-2020-24370", "RH:CVE-2020-28493", "RH:CVE-2020-36049", "RH:CVE-2020-36242", "RH:CVE-2021-20095", "RH:CVE-2021-20266", "RH:CVE-2021-20270", "RH:CVE-2021-23177", "RH:CVE-2021-23840", "RH:CVE-2021-23841", "RH:CVE-2021-25214", "RH:CVE-2021-25219", "RH:CVE-2021-27291", "RH:CVE-2021-27645", "RH:CVE-2021-28153", "RH:CVE-2021-31566", "RH:CVE-2021-3200", "RH:CVE-2021-33560", "RH:CVE-2021-33574", "RH:CVE-2021-3445", "RH:CVE-2021-3521", "RH:CVE-2021-3572", "RH:CVE-2021-35942", "RH:CVE-2021-36084", "RH:CVE-2021-36085", "RH:CVE-2021-36086", "RH:CVE-2021-36087", "RH:CVE-2021-3634", "RH:CVE-2021-3712", "RH:CVE-2021-3800", "RH:CVE-2021-38604", "RH:CVE-2021-3999", "RH:CVE-2021-40528", "RH:CVE-2021-4122", "RH:CVE-2021-42771", "RH:CVE-2021-44569", "RH:CVE-2021-44570", "RH:CVE-2021-44571", "RH:CVE-2021-44573", "RH:CVE-2021-44574", "RH:CVE-2021-44575", "RH:CVE-2021-44576", "RH:CVE-2021-44577", "RH:CVE-2022-0778", "RH:CVE-2022-23218", "RH:CVE-2022-23219", "RH:CVE-2022-23308", "RH:CVE-2022-25878", "RH:CVE-2022-29824", "RH:CVE-2022-36067"]}, {"type": "redos", "idList": ["ROS-20220112-02", "ROS-20220125-15", "ROS-20220209-01", "ROS-20220315-01", "ROS-20220318-02", "ROS-20220322-02", "ROS-20220323-02", "ROS-20220329-01", "ROS-20220516-08", "ROS-20230619-05"]}, {"type": "rocky", "idList": ["RLSA-2021:4139", "RLSA-2021:4150", "RLSA-2021:4151", "RLSA-2021:4160", "RLSA-2021:4161", "RLSA-2021:4162", "RLSA-2021:4198", "RLSA-2021:4201", 
"RLSA-2021:4358", "RLSA-2021:4373", "RLSA-2021:4382", "RLSA-2021:4384", "RLSA-2021:4385", "RLSA-2021:4386", "RLSA-2021:4387", "RLSA-2021:4396", "RLSA-2021:4408", "RLSA-2021:4409", "RLSA-2021:4424", "RLSA-2021:4426", "RLSA-2021:4464", "RLSA-2021:4489", "RLSA-2021:4510", "RLSA-2021:4513", "RLSA-2021:5226", "RLSA-2022:0368", "RLSA-2022:0370", "RLSA-2022:0892", "RLSA-2022:0896", "RLSA-2022:0899", "RLSA-2022:1065", "RLSA-2022:1642", "RLSA-2022:2031", "RLSA-2022:2092", "RLSA-2022:2201", "RLSA-2022:368", "RLSA-2022:370", "RLSA-2022:4899", "RLSA-2022:5163", "RLSA-2022:5250", "RLSA-2022:5311", "RLSA-2022:5317", "RLSA-2022:5326", "RLSA-2022:5498", "RLSA-2022:896"]}, {"type": "rosalinux", "idList": ["ROSA-SA-2021-1963", "ROSA-SA-2021-1975", "ROSA-SA-2023-2156"]}, {"type": "rubygems", "idList": ["RUBY:NOKOGIRI-2018-25032", "RUBY:NOKOGIRI-2021-30560"]}, {"type": "rustsec", "idList": ["RUSTSEC-2021-0057", "RUSTSEC-2021-0058", "RUSTSEC-2021-0098", "RUSTSEC-2022-0014"]}, {"type": "slackware", "idList": ["SSA-2021-118-01", "SSA-2021-158-01", "SSA-2021-300-01", "SSA-2022-059-01", "SSA-2022-076-02", "SSA-2022-087-01", "SSA-2022-122-01", "SSA-2022-228-01"]}, {"type": "sqlite", "idList": ["SQLT:CVE-2020-13435"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1456-1", "OPENSUSE-SU-2019:1488-1", "OPENSUSE-SU-2019:1666-1", "OPENSUSE-SU-2019:2550-1", "OPENSUSE-SU-2019:2551-1", "OPENSUSE-SU-2019:2692-1", "OPENSUSE-SU-2019:2694-1", "OPENSUSE-SU-2021:0357-1", "OPENSUSE-SU-2021:0372-1", "OPENSUSE-SU-2021:0427-1", "OPENSUSE-SU-2021:0430-1", "OPENSUSE-SU-2021:0668-1", "OPENSUSE-SU-2021:0908-1", "OPENSUSE-SU-2021:0919-1", "OPENSUSE-SU-2021:0962-1", "OPENSUSE-SU-2021:1058-1", "OPENSUSE-SU-2021:1188-1", "OPENSUSE-SU-2021:1189-1", "OPENSUSE-SU-2021:1248-1", "OPENSUSE-SU-2021:1261-1", "OPENSUSE-SU-2021:1366-1", "OPENSUSE-SU-2021:1374-1", "OPENSUSE-SU-2021:1402-1", "OPENSUSE-SU-2021:1441-1", "OPENSUSE-SU-2021:1502-1", "OPENSUSE-SU-2021:1521-1", "OPENSUSE-SU-2021:1553-1", "OPENSUSE-SU-2021:1598-1", 
"OPENSUSE-SU-2021:1826-1", "OPENSUSE-SU-2021:2127-1", "OPENSUSE-SU-2021:2157-1", "OPENSUSE-SU-2021:2196-1", "OPENSUSE-SU-2021:2320-1", "OPENSUSE-SU-2021:2682-1", "OPENSUSE-SU-2021:2685-1", "OPENSUSE-SU-2021:2827-1", "OPENSUSE-SU-2021:2830-1", "OPENSUSE-SU-2021:2966-1", "OPENSUSE-SU-2021:2994-1", "OPENSUSE-SU-2021:3291-1", "OPENSUSE-SU-2021:3529-1", "OPENSUSE-SU-2021:3773-1", "OPENSUSE-SU-2021:3839-1", "OPENSUSE-SU-2021:3841-1", "OPENSUSE-SU-2021:3945-1", "OPENSUSE-SU-2021:4001-1", "OPENSUSE-SU-2021:4002-1", "OPENSUSE-SU-2022:0064-1", "OPENSUSE-SU-2022:0144-1", "OPENSUSE-SU-2022:0151-1", "OPENSUSE-SU-2022:0184-1", "OPENSUSE-SU-2022:0184-2", "OPENSUSE-SU-2022:0330-1", "OPENSUSE-SU-2022:0802-1", "OPENSUSE-SU-2022:0856-1", "OPENSUSE-SU-2022:0942-1", "OPENSUSE-SU-2022:10126-1", "OPENSUSE-SU-2022:1061-1", "OPENSUSE-SU-2022:1091-1", "SUSE-SU-2022:1455-1", "SUSE-SU-2022:1461-1", "SUSE-SU-2022:1462-1", "SUSE-SU-2022:1485-1", "SUSE-SU-2022:1750-1", "SUSE-SU-2022:2174-1", "SUSE-SU-2022:2552-1", "SUSE-SU-2022:2713-1", "SUSE-SU-2022:3306-1", "SUSE-SU-2022:3393-1"]}, {"type": "symantec", "idList": ["SMNTC-17570"]}, {"type": "thn", "idList": ["THN:3AB82AD3C4EB492FE308B1276534EBD7", "THN:4CD6AEBFF705DD178769DA927390CFFD", "THN:7BFD25D2F4578F2691180F559A165515", "THN:8198C407B889F0B459BC5B078A2D620C", "THN:85C69AD4617097A82E6BB57E4EBB6186", "THN:956AABF5B319061A5E1BE0CAFE96857B", "THN:A022718A54C5EE0C2378E2A496201F6C", "THN:B878F356832352DE3255B00CFB12A5B7", "THN:E3C1AF2A6CE8B829495FB40E92024794", "THN:E9D669FA44AB917B9390A4C3DFBF7267"]}, {"type": "threatpost", "idList": ["THREATPOST:4C9E0FFA5C914E395A66D2DC65B16649", "THREATPOST:703466E6007D5E2783255F53CBE5B433", "THREATPOST:B5964CC2880F7E4AFF1E9C5DEEE5B287"]}, {"type": "ubuntu", "idList": ["USN-4205-1", "USN-4298-1", "USN-4298-2", "USN-4360-1", "USN-4360-4", "USN-4394-1", "USN-4447-1", "USN-4738-1", "USN-4745-1", "USN-4764-1", "USN-4885-1", "USN-4897-1", "USN-4929-1", "USN-4961-2", "USN-4994-1", "USN-5051-1", "USN-5051-2", 
"USN-5051-3", "USN-5051-4", "USN-5053-1", "USN-5080-1", "USN-5080-2", "USN-5088-1", "USN-5126-1", "USN-5126-2", "USN-5189-1", "USN-5273-1", "USN-5286-1", "USN-5291-1", "USN-5310-1", "USN-5310-2", "USN-5324-1", "USN-5328-1", "USN-5328-2", "USN-5355-1", "USN-5355-2", "USN-5359-1", "USN-5359-2", "USN-5391-1", "USN-5422-1", "USN-5425-1", "USN-5477-1", "USN-5699-1", "USN-5701-1", "USN-5739-1", "USN-6099-1", "USN-6102-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-20673", "UB:CVE-2018-25032", "UB:CVE-2019-13750", "UB:CVE-2019-13751", "UB:CVE-2019-17594", "UB:CVE-2019-17595", "UB:CVE-2019-19603", "UB:CVE-2019-20838", "UB:CVE-2019-5827", "UB:CVE-2020-12762", "UB:CVE-2020-13435", "UB:CVE-2020-13950", "UB:CVE-2020-14155", "UB:CVE-2020-16135", "UB:CVE-2020-24370", "UB:CVE-2020-28493", "UB:CVE-2020-36049", "UB:CVE-2021-20266", "UB:CVE-2021-20270", "UB:CVE-2021-23177", "UB:CVE-2021-23840", "UB:CVE-2021-23841", "UB:CVE-2021-25214", "UB:CVE-2021-25219", "UB:CVE-2021-27291", "UB:CVE-2021-27645", "UB:CVE-2021-28153", "UB:CVE-2021-31566", "UB:CVE-2021-3200", "UB:CVE-2021-32677", "UB:CVE-2021-33560", "UB:CVE-2021-33574", "UB:CVE-2021-3445", "UB:CVE-2021-3521", "UB:CVE-2021-3572", "UB:CVE-2021-35942", "UB:CVE-2021-36084", "UB:CVE-2021-36085", "UB:CVE-2021-36086", "UB:CVE-2021-36087", "UB:CVE-2021-3634", "UB:CVE-2021-3712", "UB:CVE-2021-3800", "UB:CVE-2021-38604", "UB:CVE-2021-3999", "UB:CVE-2021-40528", "UB:CVE-2021-4122", "UB:CVE-2021-42771", "UB:CVE-2022-0778", "UB:CVE-2022-23218", "UB:CVE-2022-23219", "UB:CVE-2022-23308", "UB:CVE-2022-23457", "UB:CVE-2022-24891", "UB:CVE-2022-29824", "UB:CVE-2022-36083", "UB:CVE-2022-37616"]}, {"type": "veracode", "idList": ["VERACODE:26073", "VERACODE:26186", "VERACODE:26737", "VERACODE:26878", "VERACODE:26906", "VERACODE:27030", "VERACODE:28548", "VERACODE:28937", "VERACODE:29200", "VERACODE:29201", "VERACODE:29418", "VERACODE:29419", "VERACODE:29752", "VERACODE:30019", "VERACODE:30021", "VERACODE:30030", "VERACODE:30238", "VERACODE:30313", 
"VERACODE:30527", "VERACODE:30744", "VERACODE:30903", "VERACODE:30939", "VERACODE:31814", "VERACODE:31820", "VERACODE:31844", "VERACODE:32004", "VERACODE:32496", "VERACODE:32679", "VERACODE:32798", "VERACODE:32902", "VERACODE:32922", "VERACODE:32946", "VERACODE:32949", "VERACODE:32953", "VERACODE:32962", "VERACODE:32994", "VERACODE:32997", "VERACODE:32998", "VERACODE:32999", "VERACODE:33000", "VERACODE:33224", "VERACODE:33225", "VERACODE:33226", "VERACODE:33227", "VERACODE:33453", "VERACODE:33752", "VERACODE:34455", "VERACODE:34563", "VERACODE:34716", "VERACODE:34863", "VERACODE:35033", "VERACODE:35036", "VERACODE:35037", "VERACODE:35045", "VERACODE:35267", "VERACODE:35285", "VERACODE:35331", "VERACODE:35379", "VERACODE:35772", "VERACODE:36961", "VERACODE:36972", "VERACODE:37525", "VERACODE:38562"]}, {"type": "virtuozzo", "idList": ["VZA-2022-016", "VZA-2022-017"]}, {"type": "zdt", "idList": ["1337DAY-ID-37760", "1337DAY-ID-38064"]}]}, "score": {"value": 10.6, "vector": "NONE"}, "affected_software": {"major_version": [{"name": "ibm cloud pak for security", "version": 1}]}, "epss": [{"cve": "CVE-2018-20673", "epss": 0.00091, "percentile": 0.37682, "modified": "2023-05-02"}, {"cve": "CVE-2018-25032", "epss": 0.00189, "percentile": 0.54931, "modified": "2023-05-02"}, {"cve": "CVE-2019-13750", "epss": 0.00364, "percentile": 0.68203, "modified": "2023-05-02"}, {"cve": "CVE-2019-13751", "epss": 0.00597, "percentile": 0.75204, "modified": "2023-05-02"}, {"cve": "CVE-2019-17594", "epss": 0.00055, "percentile": 0.20678, "modified": "2023-05-02"}, {"cve": "CVE-2019-17595", "epss": 0.00151, "percentile": 0.49895, "modified": "2023-05-02"}, {"cve": "CVE-2019-19603", "epss": 0.00212, "percentile": 0.57581, "modified": "2023-05-02"}, {"cve": "CVE-2019-20838", "epss": 0.00744, "percentile": 0.78204, "modified": "2023-05-01"}, {"cve": "CVE-2019-5827", "epss": 0.00408, "percentile": 0.69974, "modified": "2023-05-02"}, {"cve": "CVE-2020-12762", "epss": 0.0008, "percentile": 0.3297, 
"modified": "2023-05-01"}, {"cve": "CVE-2020-13435", "epss": 0.00106, "percentile": 0.41699, "modified": "2023-05-01"}, {"cve": "CVE-2020-13950", "epss": 0.01197, "percentile": 0.83087, "modified": "2023-05-01"}, {"cve": "CVE-2020-14155", "epss": 0.00275, "percentile": 0.63293, "modified": "2023-05-01"}, {"cve": "CVE-2020-16135", "epss": 0.00668, "percentile": 0.7676, "modified": "2023-05-01"}, {"cve": "CVE-2020-24370", "epss": 0.00096, "percentile": 0.38985, "modified": "2023-05-01"}, {"cve": "CVE-2020-28493", "epss": 0.00151, "percentile": 0.49879, "modified": "2023-05-01"}, {"cve": "CVE-2020-36049", "epss": 0.00182, "percentile": 0.54003, "modified": "2023-05-01"}, {"cve": "CVE-2021-20266", "epss": 0.00109, "percentile": 0.42395, "modified": "2023-05-01"}, {"cve": "CVE-2021-20270", "epss": 0.00231, "percentile": 0.59781, "modified": "2023-05-01"}, {"cve": "CVE-2021-23177", "epss": 0.0005, "percentile": 0.17284, "modified": "2023-05-02"}, {"cve": "CVE-2021-23840", "epss": 0.00316, "percentile": 0.65886, "modified": "2023-05-01"}, {"cve": "CVE-2021-23841", "epss": 0.00299, "percentile": 0.64861, "modified": "2023-05-01"}, {"cve": "CVE-2021-25214", "epss": 0.01031, "percentile": 0.81669, "modified": "2023-05-01"}, {"cve": "CVE-2021-25219", "epss": 0.0027, "percentile": 0.62943, "modified": "2023-05-02"}, {"cve": "CVE-2021-27291", "epss": 0.00664, "percentile": 0.76675, "modified": "2023-05-01"}, {"cve": "CVE-2021-27645", "epss": 0.00047, "percentile": 0.14422, "modified": "2023-05-01"}, {"cve": "CVE-2021-28153", "epss": 0.00242, "percentile": 0.60624, "modified": "2023-05-01"}, {"cve": "CVE-2021-29444", "epss": 0.00133, "percentile": 0.47021, "modified": "2023-05-01"}, {"cve": "CVE-2021-29445", "epss": 0.00133, "percentile": 0.47021, "modified": "2023-05-01"}, {"cve": "CVE-2021-29446", "epss": 0.00133, "percentile": 0.47021, "modified": "2023-05-01"}, {"cve": "CVE-2021-31566", "epss": 0.0005, "percentile": 0.17284, "modified": "2023-05-02"}, {"cve": 
"CVE-2021-3200", "epss": 0.00059, "percentile": 0.2272, "modified": "2023-05-01"}, {"cve": "CVE-2021-32677", "epss": 0.00086, "percentile": 0.35069, "modified": "2023-05-01"}, {"cve": "CVE-2021-33560", "epss": 0.00105, "percentile": 0.41486, "modified": "2023-05-01"}, {"cve": "CVE-2021-33574", "epss": 0.00219, "percentile": 0.58342, "modified": "2023-05-01"}, {"cve": "CVE-2021-3445", "epss": 0.00203, "percentile": 0.56797, "modified": "2023-05-01"}, {"cve": "CVE-2021-3521", "epss": 0.00047, "percentile": 0.14407, "modified": "2023-05-02"}, {"cve": "CVE-2021-3572", "epss": 0.00057, "percentile": 0.21718, "modified": "2023-05-01"}, {"cve": "CVE-2021-35942", "epss": 0.00509, "percentile": 0.73081, "modified": "2023-05-01"}, {"cve": "CVE-2021-36084", "epss": 0.00067, "percentile": 0.27368, "modified": "2023-05-01"}, {"cve": "CVE-2021-36085", "epss": 0.00052, "percentile": 0.1821, "modified": "2023-05-01"}, {"cve": "CVE-2021-36086", "epss": 0.00052, "percentile": 0.1821, "modified": "2023-05-01"}, {"cve": "CVE-2021-36087", "epss": 0.00055, "percentile": 0.20694, "modified": "2023-05-01"}, {"cve": "CVE-2021-3634", "epss": 0.00383, "percentile": 0.68985, "modified": "2023-05-02"}, {"cve": "CVE-2021-3712", "epss": 0.00396, "percentile": 0.69508, "modified": "2023-05-02"}, {"cve": "CVE-2021-3800", "epss": 0.00053, "percentile": 0.18827, "modified": "2023-05-02"}, {"cve": "CVE-2021-3999", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2021-40528", "epss": 0.00142, "percentile": 0.48592, "modified": "2023-05-02"}, {"cve": "CVE-2021-4122", "epss": 0.00047, "percentile": 0.14407, "modified": "2023-05-02"}, {"cve": "CVE-2021-42771", "epss": 0.00048, "percentile": 0.14906, "modified": "2023-05-02"}, {"cve": "CVE-2022-0778", "epss": 0.01367, "percentile": 0.84247, "modified": "2023-05-02"}, {"cve": "CVE-2022-23218", "epss": 0.00165, "percentile": 0.51735, "modified": "2023-05-02"}, {"cve": "CVE-2022-23219", "epss": 0.00193, "percentile": 0.55508, 
"modified": "2023-05-02"}, {"cve": "CVE-2022-23308", "epss": 0.00217, "percentile": 0.58225, "modified": "2023-05-02"}, {"cve": "CVE-2022-23457", "epss": 0.00193, "percentile": 0.55568, "modified": "2023-05-02"}, {"cve": "CVE-2022-24891", "epss": 0.00077, "percentile": 0.31599, "modified": "2023-05-02"}, {"cve": "CVE-2022-25878", "epss": 0.00052, "percentile": 0.18211, "modified": "2023-05-02"}, {"cve": "CVE-2022-25893", "epss": 0.0009, "percentile": 0.36908, "modified": "2023-05-02"}, {"cve": "CVE-2022-29824", "epss": 0.00095, "percentile": 0.38764, "modified": "2023-05-02"}, {"cve": "CVE-2022-36067", "epss": 0.00363, "percentile": 0.68161, "modified": "2023-05-02"}, {"cve": "CVE-2022-36083", "epss": 0.00052, "percentile": 0.18318, "modified": "2023-05-02"}, {"cve": "CVE-2022-37616", "epss": 0.00116, "percentile": 0.4407, "modified": "2023-05-02"}], "vulnersScore": 10.6}, "_state": {"dependencies": 1687586304, "score": 1687588201, "affected_software_major_version": 0, "epss": 0}, "_internal": {"score_hash": "2f1b846529f6daf095f2e83343774b76"}, "affectedSoftware": [{"version": "1.10", "operator": "eq", "name": "ibm cloud pak for security"}]}
"CVE-2020-14155", "CVE-2020-15256", "CVE-2020-16135", "CVE-2020-24370", "CVE-2020-25709", "CVE-2020-25710", "CVE-2021-0920", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-23434", "CVE-2021-25214", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-3200", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3521", "CVE-2021-3564", "CVE-2021-3572", "CVE-2021-3573", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3712", "CVE-2021-3752", "CVE-2021-3800", "CVE-2021-3872", "CVE-2021-39241", "CVE-2021-3984", "CVE-2021-4019", "CVE-2021-40346", "CVE-2021-4122", "CVE-2021-4155", "CVE-2021-4192", "CVE-2021-4193", "CVE-2021-42574", "CVE-2022-0155", "CVE-2022-0185", "CVE-2022-0330", "CVE-2022-22942", "CVE-2022-24407"], "modified": "2022-03-14T12:23:27", "id": "RHSA-2022:0856", "href": "https://access.redhat.com/errata/RHSA-2022:0856", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T14:34:16", "description": "The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. 
Without these libraries, the Linux system cannot function correctly.\n\nSecurity Fix(es):\n\n* glibc: Arbitrary read in wordexp() (CVE-2021-35942)\n\n* glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (CVE-2021-27645)\n\n* glibc: mq_notify does not handle separately allocated thread attributes (CVE-2021-33574)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-11-09T09:08:59", "type": "redhat", "title": "(RHSA-2021:4358) Moderate: glibc security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-27645", "CVE-2021-33574", "CVE-2021-35942"], "modified": "2021-11-09T14:13:04", "id": "RHSA-2021:4358", "href": "https://access.redhat.com/errata/RHSA-2021:4358", "cvss": {"score": 7.5, "vector": 
"AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:27:36", "description": "OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.8.3 images:\n\nRHEL-8-CNV-4.8\n==============\nhostpath-provisioner-container-v4.8.3-4\nkubevirt-v2v-conversion-container-v4.8.3-3\nvirt-cdi-cloner-container-v4.8.3-4\nvirt-cdi-operator-container-v4.8.3-4\nvirt-cdi-uploadproxy-container-v4.8.3-4\nvirt-launcher-container-v4.8.3-9\nvm-import-operator-container-v4.8.3-7\nvirt-cdi-apiserver-container-v4.8.3-4\nkubevirt-vmware-container-v4.8.3-3\nvirt-api-container-v4.8.3-9\nvm-import-virtv2v-container-v4.8.3-7\nvirtio-win-container-v4.8.3-3\nnode-maintenance-operator-container-v4.8.3-2\nhostpath-provisioner-operator-container-v4.8.3-4\nvirt-cdi-controller-container-v4.8.3-4\nvirt-cdi-importer-container-v4.8.3-4\nbridge-marker-container-v4.8.3-3\novs-cni-marker-container-v4.8.3-3\nvirt-handler-container-v4.8.3-9\nvirt-controller-container-v4.8.3-9\ncnv-containernetworking-plugins-container-v4.8.3-3\nkubevirt-template-validator-container-v4.8.3-3\nhyperconverged-cluster-webhook-container-v4.8.3-5\novs-cni-plugin-container-v4.8.3-3\nhyperconverged-cluster-operator-container-v4.8.3-5\nkubevirt-ssp-operator-container-v4.8.3-4\nvirt-cdi-uploadserver-container-v4.8.3-4\nkubemacpool-container-v4.8.3-5\nvm-import-controller-container-v4.8.3-7\nvirt-operator-container-v4.8.3-9\nkubernetes-nmstate-handler-container-v4.8.3-8\ncnv-must-gather-container-v4.8.3-12\ncluster-network-addons-operator-container-v4.8.3-8\nhco-bundle-registry-container-v4.8.3-58\n\nSecurity Fix(es):\n\n* golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet (CVE-2021-29923)\n\n* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)\n\nFor more details about the security issue(s), including the impact, a CVSS 
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-12-02T15:41:38", "type": "redhat", "title": "(RHSA-2021:4914) Moderate: OpenShift Virtualization 4.8.3 Images security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20673", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-14155", "CVE-2020-16135", "CVE-2020-24370", "CVE-2020-25648", "CVE-2020-36385", "CVE-2021-0512", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20266", "CVE-2021-20317", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-28950", "CVE-2021-29923", "CVE-2021-3200", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-33928", "CVE-2021-33929", "CVE-2021-33930", "CVE-2021-33938", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-34558", 
"CVE-2021-3572", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-36222", "CVE-2021-3656", "CVE-2021-3733", "CVE-2021-37750", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3800", "CVE-2021-42574", "CVE-2021-43267"], "modified": "2021-12-02T15:42:01", "id": "RHSA-2021:4914", "href": "https://access.redhat.com/errata/RHSA-2021:4914", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:27:36", "description": "The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.\n\nSecurity Fix(es):\n\n* glibc: Off-by-one buffer overflow/underflow in getcwd() (CVE-2021-3999)\n\n* glibc: Stack-based buffer overflow in svcunix_create via long pathnames (CVE-2022-23218)\n\n* glibc: Stack-based buffer overflow in sunrpc clnt_create via a long pathname (CVE-2022-23219)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-03-15T09:12:12", "type": "redhat", "title": "(RHSA-2022:0896) Moderate: glibc security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, 
"cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3999", "CVE-2022-23218", "CVE-2022-23219"], "modified": "2022-03-15T09:22:57", "id": "RHSA-2022:0896", "href": "https://access.redhat.com/errata/RHSA-2022:0896", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Openshift Logging Security and Bug Fix Release (5.3.1)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* netty: Request smuggling via content-length header (CVE-2021-21409)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-14T16:46:20", "type": "redhat", "title": "(RHSA-2021:5129) Moderate: Openshift Logging security and bug update (5.3.1)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", 
"exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25009", "CVE-2018-25010", "CVE-2018-25012", "CVE-2018-25013", "CVE-2018-25014", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-14145", "CVE-2020-14155", "CVE-2020-16135", "CVE-2020-17541", "CVE-2020-24370", "CVE-2020-35521", "CVE-2020-35522", "CVE-2020-35523", "CVE-2020-35524", "CVE-2020-36330", "CVE-2020-36331", "CVE-2020-36332", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20266", "CVE-2021-20317", "CVE-2021-21409", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-31535", "CVE-2021-3200", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3481", "CVE-2021-3572", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3712", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3800", "CVE-2021-42574", "CVE-2021-43267", "CVE-2021-43527", "CVE-2021-44228", "CVE-2021-45046"], "modified": "2021-12-15T13:04:07", "id": "RHSA-2021:5129", "href": "https://access.redhat.com/errata/RHSA-2021:5129", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Openshift Logging Security and Bug Fix Release (5.1.5)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* 
netty: Request smuggling via content-length header (CVE-2021-21409)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-14T16:46:13", "type": "redhat", "title": "(RHSA-2021:5128) Moderate: Openshift Logging security and bug update (5.1.5)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20673", "CVE-2018-25009", "CVE-2018-25010", "CVE-2018-25012", "CVE-2018-25013", "CVE-2018-25014", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-14145", "CVE-2020-14155", "CVE-2020-16135", "CVE-2020-17541", "CVE-2020-24370", 
"CVE-2020-35521", "CVE-2020-35522", "CVE-2020-35523", "CVE-2020-35524", "CVE-2020-36330", "CVE-2020-36331", "CVE-2020-36332", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20266", "CVE-2021-21409", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-31535", "CVE-2021-3200", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3481", "CVE-2021-3572", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3712", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3778", "CVE-2021-3796", "CVE-2021-3800", "CVE-2021-42574", "CVE-2021-43527", "CVE-2021-44228", "CVE-2021-45046"], "modified": "2021-12-15T13:06:57", "id": "RHSA-2021:5128", "href": "https://access.redhat.com/errata/RHSA-2021:5128", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Openshift Logging Security and Bug Fix Release (5.2.4)\n\nSecurity Fix(es):\n\n* log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value (CVE-2021-44228)\n\n* netty: Request smuggling via content-length header (CVE-2021-21409)\n\n* netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data (CVE-2021-37136)\n\n* netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way (CVE-2021-37137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, 
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2021-12-14T16:45:56", "type": "redhat", "title": "(RHSA-2021:5127) Moderate: Openshift Logging security and bug update (5.2.4)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25009", "CVE-2018-25010", "CVE-2018-25012", "CVE-2018-25013", "CVE-2018-25014", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-14145", "CVE-2020-14155", "CVE-2020-16135", "CVE-2020-17541", "CVE-2020-24370", "CVE-2020-35521", "CVE-2020-35522", "CVE-2020-35523", "CVE-2020-35524", "CVE-2020-36330", "CVE-2020-36331", "CVE-2020-36332", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20266", "CVE-2021-20317", "CVE-2021-21409", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22925", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-31535", "CVE-2021-3200", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3481", "CVE-2021-3572", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3712", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3800", "CVE-2021-42574", "CVE-2021-43267", "CVE-2021-43527", "CVE-2021-44228", "CVE-2021-45046"], "modified": "2021-12-15T13:07:41", "id": "RHSA-2021:5127", "href": 
"https://access.redhat.com/errata/RHSA-2021:5127", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-08-16T15:29:43", "description": "PCRE is a Perl-compatible regular expression library. \n\nSecurity Fix(es):\n\n* pcre: Buffer over-read in JIT when UTF is disabled and \\X or \\R has fixed quantifier greater than 1 (CVE-2019-20838)\n\n* pcre: Integer overflow when parsing callout numeric arguments (CVE-2020-14155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-11-09T09:12:45", "type": "redhat", "title": "(RHSA-2021:4373) Low: pcre security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-20838", "CVE-2020-14155"], "modified": "2021-11-09T14:11:40", "id": "RHSA-2021:4373", "href": 
"https://access.redhat.com/errata/RHSA-2021:4373", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-03T15:19:08", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.0. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2022:5068\n\nSecurity Fix(es):\n\n* golang: out-of-bounds read in golang.org/x/text/language leads to DoS\n(CVE-2021-38561)\n* prometheus/client_golang: Denial of service using\nInstrumentHandlerCounter (CVE-2022-21698)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.11 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. 
Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.11/updating/updating-cluster-cli.html", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-10T10:17:18", "type": "redhat", "title": "(RHSA-2022:5070) Moderate: OpenShift Container Platform 4.11.0 extras and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-25032", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-18874", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-13435", "CVE-2020-14155", "CVE-2020-24370", "CVE-2020-28493", "CVE-2021-20095", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-23177", "CVE-2021-25219", "CVE-2021-31566", "CVE-2021-3580", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3634", "CVE-2021-3737", "CVE-2021-38561", "CVE-2021-40528", "CVE-2021-4189", "CVE-2021-42771", "CVE-2022-0778", "CVE-2022-1271", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1706", "CVE-2022-1729", "CVE-2022-21698", "CVE-2022-22576", "CVE-2022-23772", "CVE-2022-23773", "CVE-2022-23806", 
"CVE-2022-24407", "CVE-2022-24675", "CVE-2022-24778", "CVE-2022-24903", "CVE-2022-24921", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-27191", "CVE-2022-27774", "CVE-2022-27776", "CVE-2022-27782", "CVE-2022-28327", "CVE-2022-29162", "CVE-2022-29824"], "modified": "2022-08-24T07:59:37", "id": "RHSA-2022:5070", "href": "https://access.redhat.com/errata/RHSA-2022:5070", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-27T16:20:54", "description": "The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.\n\nSecurity Fix(es):\n\n* libarchive: extracting a symlink with ACLs modifies ACLs of target (CVE-2021-23177)\n\n* libarchive: symbolic links incorrectly followed when changing modes, times, ACL and flags of a file while extracting an archive (CVE-2021-31566)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2022-03-15T09:11:33", "type": "redhat", "title": "(RHSA-2022:0892) Moderate: libarchive security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": 
'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 
'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 
'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'lemon-3.26.0-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-3.26.0-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-devel-3.26.0-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-doc-3.26.0-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-libs-3.26.0-15.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 
'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 
'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 
'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'lemon-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-devel-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-doc-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-libs-3.26.0-15.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && 
!enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-libs');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-03T14:57:54", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4396 advisory.\n\n - sqlite: dropping of shadow tables not restricted in defensive mode (CVE-2019-13750)\n\n - sqlite: fts3: improve detection of corrupted records (CVE-2019-13751)\n\n - sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS (CVE-2019-19603)\n\n - sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces (CVE-2019-5827)\n\n - sqlite: NULL 
pointer dereference in sqlite3ExprCodeTarget() (CVE-2020-13435)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "CentOS 8 : sqlite (CESA-2021:4396)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13750", "CVE-2019-13751", "CVE-2019-19603", "CVE-2019-5827", "CVE-2020-13435"], "modified": "2021-11-11T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:lemon", "p-cpe:/a:centos:centos:sqlite", "p-cpe:/a:centos:centos:sqlite-devel", "p-cpe:/a:centos:centos:sqlite-doc", "p-cpe:/a:centos:centos:sqlite-libs"], "id": "CENTOS8_RHSA-2021-4396.NASL", "href": "https://www.tenable.com/plugins/nessus/155196", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2021:4396. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155196);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/11/11\");\n\n script_cve_id(\n \"CVE-2019-5827\",\n \"CVE-2019-13750\",\n \"CVE-2019-13751\",\n \"CVE-2019-19603\",\n \"CVE-2020-13435\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4396\");\n script_xref(name:\"IAVA\", value:\"2019-A-0140-S\");\n script_xref(name:\"IAVA\", value:\"2019-A-0444-S\");\n\n script_name(english:\"CentOS 8 : sqlite (CESA-2021:4396)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2021:4396 advisory.\n\n - sqlite: dropping of shadow tables not 
restricted in defensive mode (CVE-2019-13750)\n\n - sqlite: fts3: improve detection of corrupted records (CVE-2019-13751)\n\n - sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS (CVE-2019-19603)\n\n - sqlite: out-of-bounds access due to the use of 32-bit memory allocator interfaces (CVE-2019-5827)\n\n - sqlite: NULL pointer dereference in sqlite3ExprCodeTarget() (CVE-2020-13435)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4396\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5827\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:lemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:centos:centos:sqlite-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:sqlite-libs\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nvar os_ver = os_ver[1];\nif ('CentOS Stream' >!< release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'lemon-3.26.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'lemon-3.26.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-3.26.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-3.26.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-devel-3.26.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-devel-3.26.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-doc-3.26.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-doc-3.26.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-libs-3.26.0-15.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'sqlite-libs-3.26.0-15.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if 
(!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'lemon / sqlite / sqlite-devel / sqlite-doc / sqlite-libs');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:48:22", "description": "According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). 
(CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1245)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2022-02-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1245.NASL", "href": "https://www.tenable.com/plugins/nessus/158411", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158411);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/25\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1245)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). 
(CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1245\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?61b54aed\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/25\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-3.1-1.h11.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n 
security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:43", "description": "According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : libsepol (EulerOS-SA-2022-1309)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2022-03-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1309.NASL", "href": "https://www.tenable.com/plugins/nessus/158535", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158535);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/02\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : libsepol (EulerOS-SA-2022-1309)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). 
(CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1309\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?41584c56\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n 
script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-2.9-1.h10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:25:41", "description": "The remote 
Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4513 advisory.\n\n - libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36084, CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - libsepol: heap-based buffer overflow in ebitmap_match_any() (CVE-2021-36087)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : libsepol (RHSA-2021:4513)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:libsepol", "p-cpe:/a:redhat:enterprise_linux:libsepol-devel", "p-cpe:/a:redhat:enterprise_linux:libsepol-static"], "id": "REDHAT-RHSA-2021-4513.NASL", "href": "https://www.tenable.com/plugins/nessus/155202", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4513. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155202);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n script_xref(name:\"RHSA\", value:\"2021:4513\");\n\n script_name(english:\"RHEL 8 : libsepol (RHSA-2021:4513)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4513 advisory.\n\n - libsepol: use-after-free in __cil_verify_classperms() (CVE-2021-36084, CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). 
(CVE-2021-36086)\n\n - libsepol: heap-based buffer overflow in ebitmap_match_any() (CVE-2021-36087)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-36084\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-36085\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-36086\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-36087\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1979662\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1979664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1979668\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol, libsepol-devel and / or libsepol-static packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(119, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsepol-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libsepol-static\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 
'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 
'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 
'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 
'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libsepol-2.9-3.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-2.9-3.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-2.9-3.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 
'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 
'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libsepol-2.9-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-2.9-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-2.9-3.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = 
NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsepol / libsepol-devel / 
script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-3.1-1.h12.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:06", "description": "According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). 
(CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-02-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1257)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2022-02-25T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1257.NASL", "href": "https://www.tenable.com/plugins/nessus/158378", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158378);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/25\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1257)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", 
value:\n\"According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1257\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?48c971b8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-3.1-1.h11.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:35", "description": "It is, therefore, affected by multiple vulnerabilities as 
referenced in the ALAS2023-2023-017 advisory.\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : libsepol, libsepol-devel, libsepol-static (ALAS2023-2023-017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2023-04-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libsepol", "p-cpe:/a:amazon:linux:libsepol-debuginfo", "p-cpe:/a:amazon:linux:libsepol-debugsource", "p-cpe:/a:amazon:linux:libsepol-devel", "p-cpe:/a:amazon:linux:libsepol-static", "p-cpe:/a:amazon:linux:libsepol-utils", "p-cpe:/a:amazon:linux:libsepol-utils-debuginfo", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-017.NASL", "href": "https://www.tenable.com/plugins/nessus/173096", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-017.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173096);\n 
script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n\n script_name(english:\"Amazon Linux 2023 : libsepol, libsepol-devel, libsepol-static (ALAS2023-2023-017)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-017 advisory.\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. 
(CVE-2021-36087)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-017.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36084.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36085.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36086.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36087.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update libsepol --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:amazon:linux:libsepol-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'libsepol-3.4-3.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-3.4-3.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 
'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-3.4-3.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debuginfo-3.4-3.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debuginfo-3.4-3.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debuginfo-3.4-3.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debugsource-3.4-3.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debugsource-3.4-3.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debugsource-3.4-3.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-3.4-3.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-3.4-3.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-3.4-3.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-3.4-3.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-3.4-3.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-3.4-3.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-3.4-3.amzn2023.0.3', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-3.4-3.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-3.4-3.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-debuginfo-3.4-3.amzn2023.0.3', 'cpu':'aarch64', 
'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-debuginfo-3.4-3.amzn2023.0.3', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-debuginfo-3.4-3.amzn2023.0.3', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol / libsepol-debuginfo / libsepol-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": 
"NONE"}}, {"lastseen": "2023-05-18T14:42:54", "description": "According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-03-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : libsepol (EulerOS-SA-2022-1293)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2022-03-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1293.NASL", "href": "https://www.tenable.com/plugins/nessus/158548", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158548);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/02\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : libsepol (EulerOS-SA-2022-1293)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). 
(CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1293\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a36a6da7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n 
script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-2.9-1.h10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": 
"2023-05-18T14:41:19", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:4513 advisory.\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : libsepol (ALSA-2021:4513)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libsepol", "p-cpe:/a:alma:linux:libsepol-devel", "p-cpe:/a:alma:linux:libsepol-static", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2021-4513.NASL", "href": "https://www.tenable.com/plugins/nessus/157570", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2021:4513.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157570);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", 
value:\"2022/02/14\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n script_xref(name:\"ALSA\", value:\"2021:4513\");\n\n script_name(english:\"AlmaLinux 8 : libsepol (ALSA-2021:4513)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2021:4513 advisory.\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. 
(CVE-2021-36087)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2021-4513.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol, libsepol-devel and / or libsepol-static packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsepol-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsepol-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'libsepol-2.9-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-2.9-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-2.9-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-2.9-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-2.9-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-2.9-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj 
= NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libsepol / libsepol-devel / libsepol-static');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-06T18:29:45", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-208 advisory.\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). 
(CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-208)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2023-09-06T00:00:00", "cpe": ["cpe:/o:amazon:linux:2022", "p-cpe:/a:amazon:linux:libsepol", "p-cpe:/a:amazon:linux:libsepol-debuginfo", "p-cpe:/a:amazon:linux:libsepol-debugsource", "p-cpe:/a:amazon:linux:libsepol-devel", "p-cpe:/a:amazon:linux:libsepol-static", "p-cpe:/a:amazon:linux:libsepol-utils", "p-cpe:/a:amazon:linux:libsepol-utils-debuginfo"], "id": "AL2022_ALAS2022-2022-208.NASL", "href": "https://www.tenable.com/plugins/nessus/170591", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-208.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170591);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/06\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-208)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n 
script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-208 advisory.\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. (CVE-2021-36087)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-208.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36084.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36085.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36086.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-36087.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update libsepol' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libsepol-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'libsepol-3.4-3.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-3.4-3.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-3.4-3.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debuginfo-3.4-3.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debuginfo-3.4-3.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debuginfo-3.4-3.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debugsource-3.4-3.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debugsource-3.4-3.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-debugsource-3.4-3.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-3.4-3.amzn2022.0.2', 
'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-3.4-3.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-devel-3.4-3.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-3.4-3.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-3.4-3.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-static-3.4-3.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-3.4-3.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-3.4-3.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-3.4-3.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-debuginfo-3.4-3.amzn2022.0.2', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-debuginfo-3.4-3.amzn2022.0.2', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsepol-utils-debuginfo-3.4-3.amzn2022.0.2', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if 
(!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol / libsepol-debuginfo / libsepol-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-06T18:30:28", "description": "According to the versions of the libsepol package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly from cil_check_neverallow). 
This occurs because there is sometimes a lack of checks for invalid statements in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : libsepol (EulerOS-SA-2022-1405)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087"], "modified": "2023-09-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-1405.NASL", "href": "https://www.tenable.com/plugins/nessus/170502", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170502);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/06\");\n\n script_cve_id(\n \"CVE-2021-36084\",\n \"CVE-2021-36085\",\n \"CVE-2021-36086\",\n \"CVE-2021-36087\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : libsepol (EulerOS-SA-2022-1405)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libsepol package installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). 
(CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\n - The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in ebitmap_match_any (called indirectly\n from cil_check_neverallow). This occurs because there is sometimes a lack of checks for invalid statements\n in an optional block. (CVE-2021-36087)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1405\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?727dd40e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36087\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-3.1-1.h12.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:46", "description": "According to the versions of the glibc 
packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. (CVE-2022-23219)\n\n - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system. (CVE-2021-3999)\n\n - The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.\n (CVE-2021-27645)\n\n - The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. (CVE-2022-23218)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-04-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : glibc (EulerOS-SA-2022-1565)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-27645", "CVE-2021-3999", "CVE-2022-23218", "CVE-2022-23219"], "modified": "2023-03-21T00:00:00", "id": "EULEROS_SA-2022-1565.NASL", "href": "https://www.tenable.com/plugins/nessus/160141", "sourceData": 
"#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160141);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\n \"CVE-2021-3999\",\n \"CVE-2021-27645\",\n \"CVE-2022-23218\",\n \"CVE-2022-23219\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : glibc (EulerOS-SA-2022-1565)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc)\n through 2.34 copies its hostname argument on the stack without validating its length, which may result in\n a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a\n stack protector enabled) arbitrary code execution. (CVE-2022-23219)\n\n - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory\n corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and\n size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and\n escalate their privileges on the system. (CVE-2021-3999)\n\n - The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when\n processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in\n degraded service or Denial of Service on the local system. 
This is related to netgroupcache.c.\n (CVE-2021-27645)\n\n - The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc)\n through 2.34 copies its path argument on the stack without validating its length, which may result in a\n buffer overflow, potentially resulting in a denial of service or (if an application is not built with a\n stack protector enabled) arbitrary code execution. (CVE-2022-23218)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1565\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?163bc935\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected glibc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23219\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/04/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:glibc-all-langpacks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-aa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-agr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-anp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ayc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-az\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-bem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-bhb\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss_db\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss_hesiod\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"glibc-2.28-9.h71.eulerosv2r8\",\n \"glibc-all-langpacks-2.28-9.h71.eulerosv2r8\",\n \"glibc-common-2.28-9.h71.eulerosv2r8\",\n \"glibc-devel-2.28-9.h71.eulerosv2r8\",\n 
\"glibc-headers-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-aa-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-af-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-agr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ak-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-am-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-an-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-anp-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ar-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-as-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ast-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ayc-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-az-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-be-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bem-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ber-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bg-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bhb-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bho-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bo-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-br-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-brx-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-bs-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-byn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ca-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ce-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-chr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-cmn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-crh-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-cs-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-csb-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-cv-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-cy-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-da-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-de-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-doi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-dsb-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-dv-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-dz-2.28-9.h71.eulerosv2r8\",\n 
\"glibc-langpack-el-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-en-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-eo-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-es-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-et-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-eu-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-fa-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ff-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-fi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-fil-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-fo-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-fr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-fur-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-fy-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ga-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-gd-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-gez-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-gl-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-gu-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-gv-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ha-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hak-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-he-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hif-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hne-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hsb-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ht-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hu-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-hy-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ia-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-id-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ig-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ik-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-is-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-it-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-iu-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ja-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ka-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-kab-2.28-9.h71.eulerosv2r8\",\n 
\"glibc-langpack-kk-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-kl-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-km-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-kn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ko-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-kok-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ks-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ku-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-kw-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ky-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-lb-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-lg-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-li-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-lij-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ln-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-lo-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-lt-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-lv-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-lzh-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mag-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mai-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mfe-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mg-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mhr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-miq-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mjw-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mk-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ml-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mni-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ms-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-mt-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-my-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-nan-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-nb-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-nds-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ne-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-nhn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-niu-2.28-9.h71.eulerosv2r8\",\n 
\"glibc-langpack-nl-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-nn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-nr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-nso-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-oc-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-om-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-or-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-os-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-pa-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-pap-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-pl-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ps-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-pt-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-quz-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-raj-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ro-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ru-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-rw-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sa-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sah-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sat-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sc-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sd-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-se-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sgs-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-shn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-shs-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-si-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sid-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sk-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sl-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sm-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-so-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sq-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ss-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-st-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sv-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-sw-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-szl-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ta-2.28-9.h71.eulerosv2r8\",\n 
\"glibc-langpack-tcy-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-te-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tg-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-th-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-the-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ti-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tig-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tk-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tl-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tn-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-to-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tpi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tr-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ts-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-tt-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ug-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-uk-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-unm-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ur-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-uz-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-ve-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-vi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-wa-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-wae-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-wal-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-wo-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-xh-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-yi-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-yo-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-yue-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-yuw-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-zh-2.28-9.h71.eulerosv2r8\",\n \"glibc-langpack-zu-2.28-9.h71.eulerosv2r8\",\n \"glibc-locale-source-2.28-9.h71.eulerosv2r8\",\n \"glibc-minimal-langpack-2.28-9.h71.eulerosv2r8\",\n \"glibc-static-2.28-9.h71.eulerosv2r8\",\n \"glibc-utils-2.28-9.h71.eulerosv2r8\",\n \"libnsl-2.28-9.h71.eulerosv2r8\",\n \"nscd-2.28-9.h71.eulerosv2r8\",\n \"nss_db-2.28-9.h71.eulerosv2r8\",\n \"nss_hesiod-2.28-9.h71.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if 
(rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:01", "description": "According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in degraded service or Denial of Service on the local system. This is related to netgroupcache.c.\n (CVE-2021-27645)\n\n - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system. (CVE-2021-3999)\n\n - The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. 
(CVE-2022-23218)\n\n - The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. (CVE-2022-23219)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : glibc (EulerOS-SA-2022-2560)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-27645", "CVE-2021-3999", "CVE-2022-23218", "CVE-2022-23219"], "modified": "2022-10-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:glibc", "p-cpe:/a:huawei:euleros:glibc-all-langpacks", "p-cpe:/a:huawei:euleros:glibc-common", "p-cpe:/a:huawei:euleros:glibc-devel", "p-cpe:/a:huawei:euleros:glibc-headers", "p-cpe:/a:huawei:euleros:glibc-langpack-aa", "p-cpe:/a:huawei:euleros:glibc-langpack-af", "p-cpe:/a:huawei:euleros:glibc-langpack-agr", "p-cpe:/a:huawei:euleros:glibc-langpack-ak", "p-cpe:/a:huawei:euleros:glibc-langpack-am", "p-cpe:/a:huawei:euleros:glibc-langpack-an", "p-cpe:/a:huawei:euleros:glibc-langpack-anp", "p-cpe:/a:huawei:euleros:glibc-langpack-ar", "p-cpe:/a:huawei:euleros:glibc-langpack-as", "p-cpe:/a:huawei:euleros:glibc-langpack-ast", "p-cpe:/a:huawei:euleros:glibc-langpack-ayc", "p-cpe:/a:huawei:euleros:glibc-langpack-az", "p-cpe:/a:huawei:euleros:glibc-langpack-be", "p-cpe:/a:huawei:euleros:glibc-langpack-bem", "p-cpe:/a:huawei:euleros:glibc-langpack-ber", "p-cpe:/a:huawei:euleros:glibc-langpack-bg", "p-cpe:/a:huawei:euleros:glibc-langpack-bhb", "p-cpe:/a:huawei:euleros:glibc-langpack-bho", 
"p-cpe:/a:huawei:euleros:glibc-langpack-bi", "p-cpe:/a:huawei:euleros:glibc-langpack-bn", "p-cpe:/a:huawei:euleros:glibc-langpack-bo", "p-cpe:/a:huawei:euleros:glibc-langpack-br", "p-cpe:/a:huawei:euleros:glibc-langpack-brx", "p-cpe:/a:huawei:euleros:glibc-langpack-bs", "p-cpe:/a:huawei:euleros:glibc-langpack-byn", "p-cpe:/a:huawei:euleros:glibc-langpack-ca", "p-cpe:/a:huawei:euleros:glibc-langpack-ce", "p-cpe:/a:huawei:euleros:glibc-langpack-chr", "p-cpe:/a:huawei:euleros:glibc-langpack-cmn", "p-cpe:/a:huawei:euleros:glibc-langpack-crh", "p-cpe:/a:huawei:euleros:glibc-langpack-cs", "p-cpe:/a:huawei:euleros:glibc-langpack-csb", "p-cpe:/a:huawei:euleros:glibc-langpack-cv", "p-cpe:/a:huawei:euleros:glibc-langpack-cy", "p-cpe:/a:huawei:euleros:glibc-langpack-da", "p-cpe:/a:huawei:euleros:glibc-langpack-de", "p-cpe:/a:huawei:euleros:glibc-langpack-doi", "p-cpe:/a:huawei:euleros:glibc-langpack-dsb", "p-cpe:/a:huawei:euleros:glibc-langpack-dv", "p-cpe:/a:huawei:euleros:glibc-langpack-dz", "p-cpe:/a:huawei:euleros:glibc-langpack-el", "p-cpe:/a:huawei:euleros:glibc-langpack-en", "p-cpe:/a:huawei:euleros:glibc-langpack-eo", "p-cpe:/a:huawei:euleros:glibc-langpack-es", "p-cpe:/a:huawei:euleros:glibc-langpack-et", "p-cpe:/a:huawei:euleros:glibc-langpack-eu", "p-cpe:/a:huawei:euleros:glibc-langpack-fa", "p-cpe:/a:huawei:euleros:glibc-langpack-ff", "p-cpe:/a:huawei:euleros:glibc-langpack-fi", "p-cpe:/a:huawei:euleros:glibc-langpack-fil", "p-cpe:/a:huawei:euleros:glibc-langpack-fo", "p-cpe:/a:huawei:euleros:glibc-langpack-fr", "p-cpe:/a:huawei:euleros:glibc-langpack-fur", "p-cpe:/a:huawei:euleros:glibc-langpack-fy", "p-cpe:/a:huawei:euleros:glibc-langpack-ga", "p-cpe:/a:huawei:euleros:glibc-langpack-gd", "p-cpe:/a:huawei:euleros:glibc-langpack-gez", "p-cpe:/a:huawei:euleros:glibc-langpack-gl", "p-cpe:/a:huawei:euleros:glibc-langpack-gu", "p-cpe:/a:huawei:euleros:glibc-langpack-gv", "p-cpe:/a:huawei:euleros:glibc-langpack-ha", "p-cpe:/a:huawei:euleros:glibc-langpack-hak", 
"p-cpe:/a:huawei:euleros:glibc-langpack-he", "p-cpe:/a:huawei:euleros:glibc-langpack-hi", "p-cpe:/a:huawei:euleros:glibc-langpack-hif", "p-cpe:/a:huawei:euleros:glibc-langpack-kk", "p-cpe:/a:huawei:euleros:glibc-langpack-kl", "p-cpe:/a:huawei:euleros:glibc-langpack-km", "p-cpe:/a:huawei:euleros:glibc-langpack-kn", "p-cpe:/a:huawei:euleros:glibc-langpack-ko", "p-cpe:/a:huawei:euleros:glibc-langpack-kok", "p-cpe:/a:huawei:euleros:glibc-langpack-ks", "p-cpe:/a:huawei:euleros:glibc-langpack-ku", "p-cpe:/a:huawei:euleros:glibc-langpack-kw", "p-cpe:/a:huawei:euleros:glibc-langpack-ky", "p-cpe:/a:huawei:euleros:glibc-langpack-lb", "p-cpe:/a:huawei:euleros:glibc-langpack-lg", "p-cpe:/a:huawei:euleros:glibc-langpack-li", "p-cpe:/a:huawei:euleros:glibc-langpack-lij", "p-cpe:/a:huawei:euleros:glibc-langpack-ln", "p-cpe:/a:huawei:euleros:glibc-langpack-lo", "p-cpe:/a:huawei:euleros:glibc-langpack-lt", "p-cpe:/a:huawei:euleros:glibc-langpack-lv", "p-cpe:/a:huawei:euleros:glibc-langpack-lzh", "p-cpe:/a:huawei:euleros:glibc-langpack-mag", "p-cpe:/a:huawei:euleros:glibc-langpack-mai", "p-cpe:/a:huawei:euleros:glibc-langpack-mfe", "p-cpe:/a:huawei:euleros:glibc-langpack-mg", "p-cpe:/a:huawei:euleros:glibc-langpack-mhr", "p-cpe:/a:huawei:euleros:glibc-langpack-mi", "p-cpe:/a:huawei:euleros:glibc-langpack-miq", "p-cpe:/a:huawei:euleros:glibc-langpack-mjw", "p-cpe:/a:huawei:euleros:glibc-langpack-my", "p-cpe:/a:huawei:euleros:glibc-langpack-mk", "p-cpe:/a:huawei:euleros:glibc-langpack-ml", "p-cpe:/a:huawei:euleros:glibc-langpack-nan", "p-cpe:/a:huawei:euleros:glibc-langpack-nb", "p-cpe:/a:huawei:euleros:glibc-langpack-mn", "p-cpe:/a:huawei:euleros:glibc-langpack-nds", "p-cpe:/a:huawei:euleros:glibc-langpack-mni", "p-cpe:/a:huawei:euleros:glibc-langpack-ne", "p-cpe:/a:huawei:euleros:glibc-langpack-mr", "p-cpe:/a:huawei:euleros:glibc-langpack-nhn", "p-cpe:/a:huawei:euleros:glibc-langpack-ms", "p-cpe:/a:huawei:euleros:glibc-langpack-niu", "p-cpe:/a:huawei:euleros:glibc-langpack-nl", 
"p-cpe:/a:huawei:euleros:glibc-langpack-mt", "p-cpe:/a:huawei:euleros:glibc-langpack-nn", "p-cpe:/a:huawei:euleros:glibc-langpack-os", "p-cpe:/a:huawei:euleros:glibc-langpack-nr", "p-cpe:/a:huawei:euleros:glibc-langpack-nso", "p-cpe:/a:huawei:euleros:glibc-langpack-pa", "p-cpe:/a:huawei:euleros:glibc-langpack-oc", "p-cpe:/a:huawei:euleros:glibc-langpack-pap", "p-cpe:/a:huawei:euleros:glibc-langpack-om", "p-cpe:/a:huawei:euleros:glibc-langpack-pl", "p-cpe:/a:huawei:euleros:glibc-langpack-or", "p-cpe:/a:huawei:euleros:glibc-langpack-ps", "p-cpe:/a:huawei:euleros:glibc-langpack-pt", "p-cpe:/a:huawei:euleros:glibc-langpack-quz", "p-cpe:/a:huawei:euleros:glibc-langpack-raj", "p-cpe:/a:huawei:euleros:glibc-langpack-ru", "p-cpe:/a:huawei:euleros:glibc-langpack-ro", "p-cpe:/a:huawei:euleros:glibc-minimal-langpack", "p-cpe:/a:huawei:euleros:glibc-langpack-rw", "p-cpe:/a:huawei:euleros:glibc-static", "p-cpe:/a:huawei:euleros:glibc-langpack-sa", "p-cpe:/a:huawei:euleros:glibc-utils", "p-cpe:/a:huawei:euleros:glibc-langpack-sah", "p-cpe:/a:huawei:euleros:glibc-langpack-sat", "p-cpe:/a:huawei:euleros:libnsl", "p-cpe:/a:huawei:euleros:nscd", "p-cpe:/a:huawei:euleros:glibc-langpack-sc", "p-cpe:/a:huawei:euleros:nss_db", "p-cpe:/a:huawei:euleros:glibc-langpack-sd", "p-cpe:/a:huawei:euleros:nss_hesiod", "p-cpe:/a:huawei:euleros:glibc-langpack-se", "cpe:/o:huawei:euleros:uvp:3.0.6.0", "p-cpe:/a:huawei:euleros:glibc-langpack-sgs", "p-cpe:/a:huawei:euleros:glibc-langpack-shn", "p-cpe:/a:huawei:euleros:glibc-langpack-shs", "p-cpe:/a:huawei:euleros:glibc-langpack-si", "p-cpe:/a:huawei:euleros:glibc-langpack-sid", "p-cpe:/a:huawei:euleros:glibc-langpack-sk", "p-cpe:/a:huawei:euleros:glibc-langpack-sl", "p-cpe:/a:huawei:euleros:glibc-langpack-sm", "p-cpe:/a:huawei:euleros:glibc-langpack-so", "p-cpe:/a:huawei:euleros:glibc-langpack-sq", "p-cpe:/a:huawei:euleros:glibc-langpack-sr", "p-cpe:/a:huawei:euleros:glibc-langpack-ss", "p-cpe:/a:huawei:euleros:glibc-langpack-st", 
"p-cpe:/a:huawei:euleros:glibc-langpack-sv", "p-cpe:/a:huawei:euleros:glibc-langpack-sw", "p-cpe:/a:huawei:euleros:glibc-langpack-szl", "p-cpe:/a:huawei:euleros:glibc-langpack-ta", "p-cpe:/a:huawei:euleros:glibc-langpack-tcy", "p-cpe:/a:huawei:euleros:glibc-langpack-te", "p-cpe:/a:huawei:euleros:glibc-langpack-tg", "p-cpe:/a:huawei:euleros:glibc-langpack-th", "p-cpe:/a:huawei:euleros:glibc-langpack-the", "p-cpe:/a:huawei:euleros:glibc-langpack-ti", "p-cpe:/a:huawei:euleros:glibc-langpack-tig", "p-cpe:/a:huawei:euleros:glibc-langpack-tk", "p-cpe:/a:huawei:euleros:glibc-langpack-tl", "p-cpe:/a:huawei:euleros:glibc-langpack-tn", "p-cpe:/a:huawei:euleros:glibc-langpack-to", "p-cpe:/a:huawei:euleros:glibc-langpack-tpi", "p-cpe:/a:huawei:euleros:glibc-langpack-tr", "p-cpe:/a:huawei:euleros:glibc-langpack-ts", "p-cpe:/a:huawei:euleros:glibc-langpack-tt", "p-cpe:/a:huawei:euleros:glibc-langpack-ug", "p-cpe:/a:huawei:euleros:glibc-langpack-uk", "p-cpe:/a:huawei:euleros:glibc-langpack-unm", "p-cpe:/a:huawei:euleros:glibc-langpack-ur", "p-cpe:/a:huawei:euleros:glibc-langpack-uz", "p-cpe:/a:huawei:euleros:glibc-langpack-ve", "p-cpe:/a:huawei:euleros:glibc-langpack-vi", "p-cpe:/a:huawei:euleros:glibc-langpack-wa", "p-cpe:/a:huawei:euleros:glibc-langpack-wae", "p-cpe:/a:huawei:euleros:glibc-langpack-wal", "p-cpe:/a:huawei:euleros:glibc-langpack-wo", "p-cpe:/a:huawei:euleros:glibc-langpack-xh", "p-cpe:/a:huawei:euleros:glibc-langpack-yi", "p-cpe:/a:huawei:euleros:glibc-langpack-yo", "p-cpe:/a:huawei:euleros:glibc-langpack-yue", "p-cpe:/a:huawei:euleros:glibc-langpack-yuw", "p-cpe:/a:huawei:euleros:glibc-langpack-zh", "p-cpe:/a:huawei:euleros:glibc-langpack-zu", "p-cpe:/a:huawei:euleros:glibc-locale-source", "p-cpe:/a:huawei:euleros:glibc-langpack-hne", "p-cpe:/a:huawei:euleros:glibc-langpack-hr", "p-cpe:/a:huawei:euleros:glibc-langpack-hsb", "p-cpe:/a:huawei:euleros:glibc-langpack-ht", "p-cpe:/a:huawei:euleros:glibc-langpack-hu", "p-cpe:/a:huawei:euleros:glibc-langpack-hy", 
"p-cpe:/a:huawei:euleros:glibc-langpack-ia", "p-cpe:/a:huawei:euleros:glibc-langpack-id", "p-cpe:/a:huawei:euleros:glibc-langpack-ig", "p-cpe:/a:huawei:euleros:glibc-langpack-ik", "p-cpe:/a:huawei:euleros:glibc-langpack-is", "p-cpe:/a:huawei:euleros:glibc-langpack-it", "p-cpe:/a:huawei:euleros:glibc-langpack-iu", "p-cpe:/a:huawei:euleros:glibc-langpack-ja", "p-cpe:/a:huawei:euleros:glibc-langpack-ka", "p-cpe:/a:huawei:euleros:glibc-langpack-kab"], "id": "EULEROS_SA-2022-2560.NASL", "href": "https://www.tenable.com/plugins/nessus/165975", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165975);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/10\");\n\n script_cve_id(\n \"CVE-2021-3999\",\n \"CVE-2021-27645\",\n \"CVE-2022-23218\",\n \"CVE-2022-23219\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : glibc (EulerOS-SA-2022-2560)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - The nameserver caching daemon (nscd) in the GNU C Library (aka glibc or libc6) 2.29 through 2.33, when\n processing a request for netgroup lookup, may crash due to a double-free, potentially resulting in\n degraded service or Denial of Service on the local system. This is related to netgroupcache.c.\n (CVE-2021-27645)\n\n - A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory\n corruption when the size of the buffer is exactly 1. 
A local attacker who can control the input buffer and\n size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and\n escalate their privileges on the system. (CVE-2021-3999)\n\n - The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc)\n through 2.34 copies its path argument on the stack without validating its length, which may result in a\n buffer overflow, potentially resulting in a denial of service or (if an application is not built with a\n stack protector enabled) arbitrary code execution. (CVE-2022-23218)\n\n - The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc)\n through 2.34 copies its hostname argument on the stack without validating its length, which may result in\n a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a\n stack protector enabled) arbitrary code execution. (CVE-2022-23219)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2560\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cadbc6dd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected glibc packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-23219\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-all-langpacks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-aa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-af\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:glibc-langpack-nso\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-oc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-om\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-or\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-os\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-pa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-pap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-pt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-quz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-raj\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ro\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ru\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-rw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-se\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sgs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-shn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-shs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-si\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-so\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sq\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-st\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-sw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-szl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ta\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tcy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-te\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tg\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:glibc-langpack-th\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-the\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ti\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-to\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tpi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-tt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-uk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-unm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ur\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-uz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-ve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-vi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-wa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-wae\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-wal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-wo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-xh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-yi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-yo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-yue\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-yuw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-zh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-langpack-zu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-locale-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-minimal-langpack\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libnsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss_db\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:nss_hesiod\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"glibc-2.28-9.h72.eulerosv2r8\",\n \"glibc-all-langpacks-2.28-9.h72.eulerosv2r8\",\n \"glibc-common-2.28-9.h72.eulerosv2r8\",\n \"glibc-devel-2.28-9.h72.eulerosv2r8\",\n \"glibc-headers-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-aa-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-af-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-agr-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-ak-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-am-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-an-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-anp-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-ar-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-as-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-ast-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-ayc-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-az-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-be-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-bem-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-ber-2.28-9.h72.eulerosv2r8\",\n 
\"glibc-langpack-uk-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-unm-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-ur-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-uz-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-ve-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-vi-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-wa-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-wae-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-wal-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-wo-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-xh-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-yi-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-yo-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-yue-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-yuw-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-zh-2.28-9.h72.eulerosv2r8\",\n \"glibc-langpack-zu-2.28-9.h72.eulerosv2r8\",\n \"glibc-locale-source-2.28-9.h72.eulerosv2r8\",\n \"glibc-minimal-langpack-2.28-9.h72.eulerosv2r8\",\n \"glibc-static-2.28-9.h72.eulerosv2r8\",\n \"glibc-utils-2.28-9.h72.eulerosv2r8\",\n \"libnsl-2.28-9.h72.eulerosv2r8\",\n \"nscd-2.28-9.h72.eulerosv2r8\",\n \"nss_db-2.28-9.h72.eulerosv2r8\",\n \"nss_hesiod-2.28-9.h72.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:35:10", "description": "According to the versions of the libsepol packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). 
(CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-10-09T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.6 : libsepol (EulerOS-SA-2022-2512)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086"], "modified": "2022-10-09T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "p-cpe:/a:huawei:euleros:libsepol-devel", "cpe:/o:huawei:euleros:uvp:3.0.6.6"], "id": "EULEROS_SA-2022-2512.NASL", "href": "https://www.tenable.com/plugins/nessus/165892", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165892);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/09\");\n\n script_cve_id(\"CVE-2021-36084\", \"CVE-2021-36085\", \"CVE-2021-36086\");\n\n script_name(english:\"EulerOS Virtualization 3.0.6.6 : libsepol (EulerOS-SA-2022-2512)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libsepol packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called 
from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2512\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0d287f33\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36086\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:libsepol-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.6\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.6\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.6\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-2.5-8.1.h1.eulerosv2r7\",\n \"libsepol-devel-2.5-8.1.h1.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:40:57", "description": "According to 
the versions of the libsepol packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-03-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libsepol (EulerOS-SA-2022-1273)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086"], "modified": "2022-03-01T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "p-cpe:/a:huawei:euleros:libsepol-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1273.NASL", "href": "https://www.tenable.com/plugins/nessus/158480", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158480);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/01\");\n\n script_cve_id(\"CVE-2021-36084\", \"CVE-2021-36085\", \"CVE-2021-36086\");\n\n script_name(english:\"EulerOS 2.0 SP5 : libsepol (EulerOS-SA-2022-1273)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n 
script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libsepol packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1273\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bc2379a2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36086\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/01\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", 
cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libsepol-2.5-8.1.h1.eulerosv2r7\",\n \"libsepol-devel-2.5-8.1.h1.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libsepol\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-05T14:49:30", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities:\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissible length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash.\n OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i).\n Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). (CVE-2021-23840)\n\n - The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. 
However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). (CVE-2021-23841)\n\n - ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own d2i functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the data and length fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. 
Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the data field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack).\n It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y). (CVE-2021-3712)\n\n - The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. 
The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). 
(CVE-2022-0778)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-15T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2022-0096)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-23840", "CVE-2021-23841", "CVE-2021-3712", "CVE-2022-0778"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_main:openssl", "p-cpe:/a:zte:cgsl_main:openssl-devel", "p-cpe:/a:zte:cgsl_main:openssl-libs", "p-cpe:/a:zte:cgsl_main:openssl-static", "cpe:/o:zte:cgsl_main:6"], "id": "NEWSTART_CGSL_NS-SA-2022-0096_OPENSSL.NASL", "href": "https://www.tenable.com/plugins/nessus/167478", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2022-0096. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167478);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2021-3712\",\n \"CVE-2021-23840\",\n \"CVE-2021-23841\",\n \"CVE-2022-0778\"\n );\n script_xref(name:\"IAVA\", value:\"2021-A-0103-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0395-S\");\n script_xref(name:\"IAVA\", value:\"2022-A-0121-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2022-0096)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple\nvulnerabilities:\n\n - Calls to EVP_CipherUpdate, EVP_EncryptUpdate and 
EVP_DecryptUpdate may overflow the output length argument\n in some cases where the input length is close to the maximum permissable length for an integer on the\n platform. In such cases the return value from the function call will be 1 (indicating success), but the\n output length value will be negative. This could cause applications to behave incorrectly or crash.\n OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to\n OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out\n of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should\n upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i).\n Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). (CVE-2021-23840)\n\n - The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based\n on the issuer and serial number data contained within an X509 certificate. However it fails to correctly\n handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is\n maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a\n potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by\n OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on\n certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are\n affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x\n and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving\n public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should\n upgrade to 1.1.1j. 
Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected\n 1.0.2-1.0.2x). (CVE-2021-23841)\n\n - ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a\n buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings\n which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not\n a strict requirement, ASN.1 strings that are parsed using OpenSSL's own d2i functions (and other similar\n parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will\n additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for\n applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array\n by directly setting the data and length fields in the ASN1_STRING array. This can also happen by using\n the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to\n assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for\n strings that have been directly constructed. Where an application requests an ASN.1 structure to be\n printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the\n application without NUL terminating the data field, then a read buffer overrun can occur. The same thing\n can also occur during name constraints processing of certificates (for example if a certificate has been\n directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the\n certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the\n X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. 
If a malicious actor can cause an\n application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL\n functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack).\n It could also result in the disclosure of private memory contents (such as private keys, or sensitive\n plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected\n 1.0.2-1.0.2y). (CVE-2021-3712)\n\n - The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop\n forever for non-prime moduli. Internally this function is used when parsing certificates that contain\n elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point\n encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has\n invalid explicit curve parameters. Since certificate parsing happens prior to verification of the\n certificate signature, any process that parses an externally supplied certificate may thus be subject to a\n denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they\n can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients\n consuming server certificates - TLS servers consuming client certificates - Hosting providers taking\n certificates or private keys from customers - Certificate authorities parsing certification requests from\n subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that\n use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS\n issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate\n which makes it slightly harder to trigger the infinite loop. 
However any operation which requires the\n public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-\n signed certificate to trigger the loop during verification of the certificate signature. This issue\n affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the\n 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected\n 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). (CVE-2022-0778)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2022-0096\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23840\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-23841\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-3712\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2022-0778\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL openssl packages. Note that updated packages may not be available yet. 
Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:openssl-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar os_release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(os_release) || os_release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (os_release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL MAIN 6.02': [\n 'openssl-1.1.1k-6.el8_5.cgslv6_2.2.g211b831',\n 'openssl-devel-1.1.1k-6.el8_5.cgslv6_2.2.g211b831',\n 'openssl-libs-1.1.1k-6.el8_5.cgslv6_2.2.g211b831',\n 'openssl-static-1.1.1k-6.el8_5.cgslv6_2.2.g211b831'\n ]\n};\nvar pkg_list = pkgs[os_release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + os_release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openssl');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:25:53", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4358 advisory.\n\n - glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (CVE-2021-27645)\n\n - glibc: mq_notify does not handle separately allocated 
thread attributes (CVE-2021-33574)\n\n - glibc: Arbitrary read in wordexp() (CVE-2021-35942)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-11-11T00:00:00", "type": "nessus", "title": "RHEL 8 : glibc (RHSA-2021:4358)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-27645", "CVE-2021-33574", "CVE-2021-35942"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:compat-libpthread-nonshared", "p-cpe:/a:redhat:enterprise_linux:glibc", "p-cpe:/a:redhat:enterprise_linux:glibc-all-langpacks", "p-cpe:/a:redhat:enterprise_linux:glibc-benchtests", "p-cpe:/a:redhat:enterprise_linux:glibc-common", "p-cpe:/a:redhat:enterprise_linux:glibc-devel", "p-cpe:/a:redhat:enterprise_linux:glibc-headers", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-aa", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-af", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-agr", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ak", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-am", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-an", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-anp", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ar", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-as", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ast", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ayc", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-az", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-be", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bem", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ber", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bg", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bhb", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bho", 
"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-dsb", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-dv", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-dz", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-el", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-en", "p-cpe:/a:redhat:enterprise_linux:glibc-langpack-eo"], "id": "REDHAT-RHSA-2021-4358.NASL", "href": "https://www.tenable.com/plugins/nessus/155059", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:4358. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(155059);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\"CVE-2021-27645\", \"CVE-2021-33574\", \"CVE-2021-35942\");\n script_xref(name:\"RHSA\", value:\"2021:4358\");\n\n script_name(english:\"RHEL 8 : glibc (RHSA-2021:4358)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:4358 advisory.\n\n - glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c (CVE-2021-27645)\n\n - glibc: mq_notify does not handle separately allocated thread attributes (CVE-2021-33574)\n\n - glibc: Arbitrary read in wordexp() (CVE-2021-35942)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-27645\");\n script_set_attribute(attribute:\"see_also\", 
value:\"https://access.redhat.com/security/cve/CVE-2021-33574\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-35942\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:4358\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1932589\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1965408\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1977975\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-33574\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(190, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/02/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/11/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:compat-libpthread-nonshared\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-all-langpacks\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-benchtests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-aa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-af\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-agr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ak\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-am\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-an\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-anp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-as\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ast\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ayc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-az\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-be\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ber\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bhb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bho\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-br\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-brx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-bs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-byn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ca\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-chr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-cmn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-crh\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-langpack-cs\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:glibc-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libnsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss_db\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:nss_hesiod\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 
{'reference':'glibc-langpack-os-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-pa-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-pap-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-pl-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ps-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-pt-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-quz-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-raj-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ro-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ru-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-rw-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sa-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sah-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sat-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sc-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sd-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-se-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sgs-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-shn-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-shs-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-si-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sid-2.28-164.el8', 'release':'8', 
'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sk-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sl-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sm-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-so-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sq-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sr-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ss-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-st-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sv-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-sw-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-szl-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ta-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tcy-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-te-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tg-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-th-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-the-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ti-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tig-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tk-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tl-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tn-2.28-164.el8', 
'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-to-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tpi-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tr-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ts-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-tt-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ug-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-uk-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-unm-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ur-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-uz-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-ve-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-vi-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-wa-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-wae-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-wal-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-wo-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-xh-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-yi-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-yo-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-yue-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-yuw-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'glibc-langpack-zh-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-langpack-zu-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-locale-source-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-minimal-langpack-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-nss-devel-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-static-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'glibc-utils-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libnsl-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nscd-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nss_db-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nss_hesiod-2.28-164.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = 
pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'compat-libpthread-nonshared / glibc / glibc-all-langpacks / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-11T17:51:03", "description": "According to the versions of the libsepol packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). (CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). 
(CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-06T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.6 : libsepol (EulerOS-SA-2023-1065)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086"], "modified": "2023-09-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libsepol", "p-cpe:/a:huawei:euleros:libsepol-devel", "cpe:/o:huawei:euleros:uvp:3.0.2.6"], "id": "EULEROS_SA-2023-1065.NASL", "href": "https://www.tenable.com/plugins/nessus/169660", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169660);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/11\");\n\n script_cve_id(\"CVE-2021-36084\", \"CVE-2021-36085\", \"CVE-2021-36086\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.6 : libsepol (EulerOS-SA-2023-1065)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libsepol packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __cil_verify_classpermission and __cil_pre_verify_helper). 
(CVE-2021-36084)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_classperms (called from\n __verify_map_perm_classperms and hashtab_map). (CVE-2021-36085)\n\n - The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_classpermission (called from\n cil_reset_classperms_set and cil_reset_classperms_list). (CVE-2021-36086)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1065\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f616eb8c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libsepol packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-36086\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libsepol-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:huawei:euleros:uvp:3.0.2.6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0)