Search...

EulerOS 2.0 SP8 : libxslt (EulerOS-SA-2020-1017)

2020-01-02T00:00:00

ID EULEROS_SA-2020-1017.NASL
Type nessus
Reporter This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2020-01-02T00:00:00

Description

According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(132610);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");

  script_cve_id(
    "CVE-2019-13117",
    "CVE-2019-13118"
  );

  script_name(english:"EulerOS 2.0 SP8 : libxslt (EulerOS-SA-2020-1017)");
  script_summary(english:"Checks the rpm output for the updated packages.");

  script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
  script_set_attribute(attribute:"description", value:
"According to the versions of the libxslt packages installed, the
EulerOS installation on the remote host is affected by the following
vulnerabilities :

  - In numbers.c in libxslt 1.1.33, a type holding grouping
    characters of an xsl:number instruction was too narrow
    and an invalid character/length combination could be
    passed to xsltNumberFormatDecimal, leading to a read of
    uninitialized stack data.(CVE-2019-13118)

  - In numbers.c in libxslt 1.1.33, an xsl:number with
    certain format strings could lead to a uninitialized
    read in xsltNumberFormatInsertNumbers. This could allow
    an attacker to discern whether a byte on the stack
    contains the characters A, a, I, i, or 0, or any other
    character.(CVE-2019-13117)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.");
  # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1017
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?66401d16");
  script_set_attribute(attribute:"solution", value:
"Update the affected libxslt packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"patch_publication_date", value:"2020/01/02");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libxslt");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:libxslt-devel");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Huawei Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
  script_exclude_keys("Host/EulerOS/uvp_version");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");

sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");

uvp = get_kb_item("Host/EulerOS/uvp_version");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);

if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$" && "aarch64" &gt;!&lt; cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" &gt;!&lt; cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);

flag = 0;

pkgs = ["libxslt-1.1.32-3.h6.eulerosv2r8",
        "libxslt-devel-1.1.32-3.h6.eulerosv2r8"];

foreach (pkg in pkgs)
  if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libxslt");
}

JSON Vulners Source

Initial Source

{"id": "EULEROS_SA-2020-1017.NASL", "bulletinFamily": "scanner", "title": "EulerOS 2.0 SP8 : libxslt (EulerOS-SA-2020-1017)", "description": "According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2020-01-02T00:00:00", "modified": "2020-01-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/132610", "reporter": "This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?66401d16"], "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "type": "nessus", "lastseen": "2021-01-07T09:01:47", "edition": 8, "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "f5", "idList": ["F5:K96300145"]}, {"type": "cve", "idList": ["CVE-2019-13117", "CVE-2019-13118"]}, {"type": "symantec", "idList": ["SMNTC-111498", "SMNTC-109323"]}, {"type": "nessus", "idList": ["PHOTONOS_PHSA-2019-2_0-0171_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-3_0-0024_LIBXSLT.NASL", "EULEROS_SA-2019-2032.NASL", "PHOTONOS_PHSA-2019-1_0-0246_LIBXSLT.NASL", "SUSE_SU-2020-1409-1.NASL", "UBUNTU_USN-4164-1.NASL", "EULEROS_SA-2019-1929.NASL", "SUSE_SU-2019-1867-1.NASL", "EULEROS_SA-2019-1913.NASL", "FEDORA_2019-FDF6EC39B4.NASL"]}, {"type": "fedora", "idList": ["FEDORA:F378E608761A", "FEDORA:724A1610682D", "FEDORA:31ACB604BB43"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310877174", "OPENVAS:1361412562310853184", "OPENVAS:1361412562310844207", "OPENVAS:1361412562310816600", "OPENVAS:1361412562311220192032", "OPENVAS:1361412562310877633", "OPENVAS:1361412562311220191913", "OPENVAS:1361412562311220201017", "OPENVAS:1361412562310877596", "OPENVAS:1361412562311220191929"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0731-1"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:13BA697370B05DA79A1C88E29233A25D"]}, {"type": "ubuntu", "idList": ["USN-4164-1"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1860-1:DBF7E"]}, {"type": "amazon", "idList": ["ALAS2-2020-1387"]}, {"type": "kaspersky", "idList": ["KLA11526", "KLA11527", "KLA11646"]}, {"type": "apple", "idList": ["APPLE:HT210358", "APPLE:HT210357", "APPLE:HT210348", "APPLE:HT210353", "APPLE:HT210346", "APPLE:HT210351", "APPLE:HT210356"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2020"]}], "modified": "2021-01-07T09:01:47", "rev": 2}, "score": {"value": 5.0, "vector": "NONE", "modified": "2021-01-07T09:01:47", "rev": 2}, "vulnersScore": 5.0}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132610);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : libxslt (EulerOS-SA-2020-1017)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1017\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?66401d16\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.32-3.h6.eulerosv2r8\",\n \"libxslt-devel-1.1.32-3.h6.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "naslFamily": "Huawei Local Security Checks", "pluginID": "132610", "cpe": ["p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt", "cpe:/o:huawei:euleros:2.0"], "scheme": null, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}}

{"f5": [{"lastseen": "2020-04-06T22:39:32", "bulletinFamily": "software", "cvelist": ["CVE-2019-16168", "CVE-2019-13118", "CVE-2019-13117"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2020-01-31T18:45:00", "published": "2020-01-31T18:45:00", "id": "F5:K96300145", "href": "https://support.f5.com/csp/article/K96300145", "title": "C Library (SQLite & libxslt) vulnerabilities CVE-2019-16168 CVE-2019-13117 CVE-2019-13118", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2020-10-03T13:38:42", "description": "In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.", "edition": 13, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-07-01T02:15:00", "title": "CVE-2019-13117", "type": "cve", "cwe": ["CWE-908"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13117"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:xmlsoft:libxslt:1.1.33"], "id": "CVE-2019-13117", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13117", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T13:38:42", "description": "In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.", "edition": 18, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-07-01T02:15:00", "title": "CVE-2019-13118", "type": "cve", "cwe": ["CWE-843"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13118"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:xmlsoft:libxslt:1.1.33"], "id": "CVE-2019-13118", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-13118", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:xmlsoft:libxslt:1.1.33:*:*:*:*:*:*:*"]}], "symantec": [{"lastseen": "2020-01-15T14:28:32", "bulletinFamily": "software", "cvelist": ["CVE-2019-13117"], "description": "### Description\n\nlibxslt is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. libxslt 1.1.33 is vulnerable; other versions may also be affected.\n\n### Technologies Affected\n\n * Oracle JDK(Linux Production Release) 1.8.0 Update 241 \n * Oracle JDK(Solaris Production Release) 1.8.0 Update 241 \n * Oracle JDK(Windows Production Release) 1.8.0 Update 241 \n * Oracle JRE(Linux Production Release) 1.8.0 Update 241 \n * Oracle JRE(Solaris Production Release) 1.8.0 Update 241 \n * Oracle JRE(Windows Production Release) 1.8.0 Update 241 \n * Redhat Ceph Storage 3 \n * Redhat Enterprise Linux 7 \n * Redhat Enterprise Linux 8 \n * Redhat OpenStack Platform 10 \n * Redhat OpenStack Platform 13.0 (Queens) \n * Redhat OpenStack Platform 14.0 (Rocky) \n * Redhat OpenStack Platform 9.0 \n * XMLSoft libxslt 1.1.33 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.\n\n**Run all software as a nonprivileged user with minimal access rights.** \nRunning server processes within a restricted environment using facilities such as chroot or jail may limit the consequences of successful exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-07-10T00:00:00", "published": "2019-07-10T00:00:00", "id": "SMNTC-111498", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/111498", "type": "symantec", "title": "libxslt CVE-2019-13117 Information Disclosure Vulnerability", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-15T14:28:35", "bulletinFamily": "software", "cvelist": ["CVE-2019-13118"], "description": "### Description\n\nlibxslt is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. libxslt 1.1.33 is vulnerable; other versions may also be affected.\n\n### Technologies Affected\n\n * Apple TV \n * Apple Watch \n * Apple iOS 10 \n * Apple iOS 10.0.1 \n * Apple iOS 10.1 \n * Apple iOS 10.2 \n * Apple iOS 10.2.1 \n * Apple iOS 10.3 \n * Apple iOS 10.3.1 \n * Apple iOS 10.3.2 \n * Apple iOS 10.3.3 \n * Apple iOS 11 \n * Apple iOS 11.1 \n * Apple iOS 11.2 \n * Apple iOS 11.2.1 \n * Apple iOS 11.2.2 \n * Apple iOS 11.2.5 \n * Apple iOS 11.2.6 \n * Apple iOS 11.3 \n * Apple iOS 11.3.1 \n * Apple iOS 11.4 \n * Apple iOS 11.4.1 \n * Apple iOS 12 \n * Apple iOS 12.0.1 \n * Apple iOS 12.1 \n * Apple iOS 12.1.1 \n * Apple iOS 12.1.3 \n * Apple iOS 12.1.4 \n * Apple iOS 12.2 \n * Apple iOS 12.3 \n * Apple iOS 2.0 \n * Apple iOS 2.1 \n * Apple iOS 3 \n * Apple iOS 3.0 \n * Apple iOS 3.1 \n * Apple iOS 3.2 \n * Apple iOS 3.2.1 \n * Apple iOS 3.2.2 \n * Apple iOS 4 \n * Apple iOS 4 \n * Apple iOS 4.0.1 \n * Apple iOS 4.0.2 \n * Apple iOS 4.1 \n * Apple iOS 4.2 \n * Apple iOS 4.2.1 \n * Apple iOS 4.2.10 \n * Apple iOS 4.2.5 \n * Apple iOS 4.2.6 \n * Apple iOS 4.2.7 \n * Apple iOS 4.2.8 \n * Apple iOS 4.2.9 \n * Apple iOS 4.3 \n * Apple iOS 4.3.1 \n * Apple iOS 4.3.2 \n * Apple iOS 4.3.3 \n * Apple iOS 4.3.4 \n * Apple iOS 4.3.5 \n * Apple iOS 5 \n * Apple iOS 5 \n * Apple iOS 5.0.1 \n * Apple iOS 5.1 \n * Apple iOS 5.1.1 \n * Apple iOS 6 \n * Apple iOS 6.0.1 \n * Apple iOS 6.0.2 \n * Apple iOS 6.1 \n * Apple iOS 6.1.3 \n * Apple iOS 6.1.4 \n * Apple iOS 6.1.6 \n * Apple iOS 6.3.1 \n * Apple iOS 7 \n * Apple iOS 7.0.1 \n * Apple iOS 7.0.2 \n * Apple iOS 7.0.3 \n * Apple iOS 7.0.4 \n * Apple iOS 7.0.5 \n * Apple iOS 7.0.6 \n * Apple iOS 7.1 \n * Apple iOS 7.1.1 \n * Apple iOS 7.1.2 \n * Apple iOS 7.2.0 \n * Apple iOS 8 \n * Apple iOS 8.1 \n * Apple iOS 8.1.1 \n * Apple iOS 8.1.2 \n * Apple iOS 8.1.3 \n * Apple iOS 8.2 \n * Apple iOS 8.3 \n * Apple iOS 8.4 \n * Apple iOS 8.4.1 \n * Apple iOS 9 \n * Apple iOS 9.0.1 \n * Apple iOS 9.0.2 \n * Apple iOS 9.1 \n * Apple iOS 9.2 \n * Apple iOS 9.2.1 \n * Apple iOS 9.3 \n * Apple iOS 9.3.1 \n * Apple iOS 9.3.2 \n * Apple iOS 9.3.3 \n * Apple iOS 9.3.4 \n * Apple iOS 9.3.5 \n * Apple iPad Air \n * Apple iPhone 5s \n * Apple iPod Touch \n * Apple macOS 10.12 \n * Apple macOS 10.12.1 \n * Apple macOS 10.12.2 \n * Apple macOS 10.12.3 \n * Apple macOS 10.12.4 \n * Apple macOS 10.12.5 \n * Apple macOS 10.12.6 \n * Apple macOS 10.13 \n * Apple macOS 10.13.1 \n * Apple macOS 10.13.2 \n * Apple macOS 10.13.3 \n * Apple macOS 10.13.4 \n * Apple macOS 10.13.5 \n * Apple macOS 10.13.6 \n * Apple macOS 10.14 \n * Apple macOS 10.14.1 \n * Apple macOS 10.14.2 \n * Apple macOS 10.14.3 \n * Apple macOS 10.14.4 \n * Apple macOS 10.14.5 \n * Apple tvOS 10 \n * Apple tvOS 10.0.1 \n * Apple tvOS 10.1 \n * Apple tvOS 10.1.1 \n * Apple tvOS 10.2 \n * Apple tvOS 10.2.1 \n * Apple tvOS 10.2.2 \n * Apple tvOS 11 \n * Apple tvOS 11.1 \n * Apple tvOS 11.2 \n * Apple tvOS 11.2.1 \n * Apple tvOS 11.2.5 \n * Apple tvOS 11.2.6 \n * Apple tvOS 11.4 \n * Apple tvOS 11.4.1 \n * Apple tvOS 12 \n * Apple tvOS 12.1.1 \n * Apple tvOS 12.1.2 \n * Apple tvOS 12.2.1 \n * Apple tvOS 12.3 \n * Apple tvOS 9.0 \n * Apple tvOS 9.1 \n * Apple tvOS 9.1.1 \n * Apple tvOS 9.2 \n * Apple tvOS 9.2.1 \n * Apple tvOS 9.2.2 \n * Apple watchOS 1.0 \n * Apple watchOS 1.0.1 \n * Apple watchOS 10.1.1 \n * Apple watchOS 2.0 \n * Apple watchOS 2.0.1 \n * Apple watchOS 2.1 \n * Apple watchOS 2.2 \n * Apple watchOS 2.2.1 \n * Apple watchOS 2.2.2 \n * Apple watchOS 3 \n * Apple watchOS 3.0 \n * Apple watchOS 3.1 \n * Apple watchOS 3.1.1 \n * Apple watchOS 3.1.3 \n * Apple watchOS 3.2 \n * Apple watchOS 3.2.1 \n * Apple watchOS 3.2.2 \n * Apple watchOS 3.2.3 \n * Apple watchOS 4 \n * Apple watchOS 4.1 \n * Apple watchOS 4.2 \n * Apple watchOS 4.2.2 \n * Apple watchOS 4.2.3 \n * Apple watchOS 4.3 \n * Apple watchOS 4.3.1 \n * Apple watchOS 4.3.2 \n * Apple watchOS 5 \n * Apple watchOS 5.1.2 \n * Apple watchOS 5.1.3 \n * Apple watchOS 5.2.1 \n * Oracle JDK(Linux Production Release) 1.8.0 Update 241 \n * Oracle JDK(Solaris Production Release) 1.8.0 Update 241 \n * Oracle JDK(Windows Production Release) 1.8.0 Update 241 \n * Oracle JRE(Linux Production Release) 1.8.0 Update 241 \n * Oracle JRE(Solaris Production Release) 1.8.0 Update 241 \n * Oracle JRE(Windows Production Release) 1.8.0 Update 241 \n * XMLSoft libxslt 1.1.33 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to requests that include NOP sleds and unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-06-30T00:00:00", "published": "2019-06-30T00:00:00", "id": "SMNTC-109323", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109323", "type": "symantec", "title": "libxslt CVE-2019-13118 Stack Buffer Overflow Vulnerability", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2021-01-07T08:59:11", "description": "According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 12, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-16T00:00:00", "title": "EulerOS 2.0 SP5 : libxslt (EulerOS-SA-2019-1913)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2019-09-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1913.NASL", "href": "https://www.tenable.com/plugins/nessus/128836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128836);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : libxslt (EulerOS-SA-2019-1913)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1913\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cd2fc2f4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h3.eulerosv2r7\",\n \"libxslt-devel-1.1.28-5.h3.eulerosv2r7\",\n \"libxslt-python-1.1.28-5.h3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T08:59:35", "description": "According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 12, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-24T00:00:00", "title": "EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2032)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2019-09-24T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2032.NASL", "href": "https://www.tenable.com/plugins/nessus/129225", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129225);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2032)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2032\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e24ac92d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h3\",\n \"libxslt-devel-1.1.28-5.h3\",\n \"libxslt-python-1.1.28-5.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T01:08:24", "description": "An update of the libxslt package has been released.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-12T00:00:00", "title": "Photon OS 2.0: Libxslt PHSA-2019-2.0-0171", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libxslt", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0171_LIBXSLT.NASL", "href": "https://www.tenable.com/plugins/nessus/128719", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0171. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128719);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/30\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"Photon OS 2.0: Libxslt PHSA-2019-2.0-0171\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libxslt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-171.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13118\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libxslt-1.1.29-6.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libxslt-debuginfo-1.1.29-6.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libxslt-devel-1.1.29-6.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T02:28:23", "description": "Fixes for CVE-2019-13117, CVE-2019-13118\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-10-29T00:00:00", "title": "Fedora 31 : libxslt (2019-fdf6ec39b4)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxslt", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-FDF6EC39B4.NASL", "href": "https://www.tenable.com/plugins/nessus/130353", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-fdf6ec39b4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130353);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_xref(name:\"FEDORA\", value:\"2019-fdf6ec39b4\");\n\n script_name(english:\"Fedora 31 : libxslt (2019-fdf6ec39b4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes for CVE-2019-13117, CVE-2019-13118\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-fdf6ec39b4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"libxslt-1.1.33-4.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T01:08:35", "description": "An update of the libxslt package has been released.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-26T00:00:00", "title": "Photon OS 3.0: Libxslt PHSA-2019-3.0-0024", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libxslt", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_LIBXSLT.NASL", "href": "https://www.tenable.com/plugins/nessus/128155", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128155);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"Photon OS 3.0: Libxslt PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libxslt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13118\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxslt-1.1.32-4.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxslt-debuginfo-1.1.32-4.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxslt-devel-1.1.32-4.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-14T06:19:46", "description": "This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data\n(bsc#1140101).\n\nCVE-2019-13117: Fixed a uninitialized read which allowed to discern\nwhether a byte on the stack contains certain special characters\n(bsc#1140095).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-07-19T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2019:1867-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2019-07-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxslt1", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:libxslt-tools", "p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libxslt-debugsource", "p-cpe:/a:novell:suse_linux:libxslt1-debuginfo"], "id": "SUSE_SU-2019-1867-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126809", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1867-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126809);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2019:1867-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data\n(bsc#1140101).\n\nCVE-2019-13117: Fixed a uninitialized read which allowed to discern\nwhether a byte on the stack contains certain special characters\n(bsc#1140095).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13117/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13118/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191867-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20ed9b4b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-1867=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-1867=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-1867=1\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt-debugsource-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt-tools-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt-tools-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-32bit-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-debuginfo-32bit-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt-debugsource-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt-tools-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt-tools-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-32bit-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-debuginfo-32bit-1.1.28-17.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-01T01:08:04", "description": "An update of the libxslt package has been released.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-26T00:00:00", "title": "Photon OS 1.0: Libxslt PHSA-2019-1.0-0246", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libxslt", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0246_LIBXSLT.NASL", "href": "https://www.tenable.com/plugins/nessus/128170", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0246. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128170);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"Photon OS 1.0: Libxslt PHSA-2019-1.0-0246\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libxslt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-246.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13118\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libxslt-1.1.29-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libxslt-debuginfo-1.1.29-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libxslt-devel-1.1.29-6.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T08:59:12", "description": "According to the versions of the libxslt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-17T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libxslt (EulerOS-SA-2019-1929)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "modified": "2019-09-17T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.0", "p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-python"], "id": "EULEROS_SA-2019-1929.NASL", "href": "https://www.tenable.com/plugins/nessus/128932", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128932);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libxslt (EulerOS-SA-2019-1929)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1929\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?14e519ab\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h3\",\n \"libxslt-python-1.1.28-5.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-09-18T11:02:05", "description": "It was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to access sensitive\ninformation. This issue not affected Ubuntu 19.10. (CVE-2019-13117,\nCVE-2019-13118)\n\nIt was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-18197).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-23T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Libxslt vulnerabilities (USN-4164-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-18197", "CVE-2019-13117"], "modified": "2019-10-23T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04", "p-cpe:/a:canonical:ubuntu_linux:libxslt1.1", "cpe:/o:canonical:ubuntu_linux:19.10", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-4164-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130167", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4164-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130167);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2019-18197\");\n script_xref(name:\"USN\", value:\"4164-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Libxslt vulnerabilities (USN-4164-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to access sensitive\ninformation. This issue not affected Ubuntu 19.10. (CVE-2019-13117,\nCVE-2019-13118)\n\nIt was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-18197).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4164-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libxslt1.1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxslt1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|18\\.04|19\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 18.04 / 19.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.28-2.1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.29-5ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.32-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libxslt1.1\", pkgver:\"1.1.33-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt1.1\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-24T13:21:44", "description": "This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data\n(bsc#1140101).\n\nCVE-2019-13117: Fixed a uninitialized read which allowed to discern\nwhether a byte on the stack contains certain special characters\n(bsc#1140095).\n\nCVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may\nhave led to information disclosure (bsc#1154609).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 2, "cvss3": {"score": 7.5, "vector": "AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-06-17T00:00:00", "title": "SUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2020:1409-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-18197", "CVE-2019-13117"], "modified": "2020-06-17T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxslt1", "p-cpe:/a:novell:suse_linux:libxslt-tools", "cpe:/o:novell:suse_linux:15", "p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libxslt-devel", "p-cpe:/a:novell:suse_linux:libxslt-debugsource", "p-cpe:/a:novell:suse_linux:libxslt1-debuginfo"], "id": "SUSE_SU-2020-1409-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137539", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1409-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137539);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/22\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2019-18197\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2020:1409-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data\n(bsc#1140101).\n\nCVE-2019-13117: Fixed a uninitialized read which allowed to discern\nwhether a byte on the stack contains certain special characters\n(bsc#1140095).\n\nCVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may\nhave led to information disclosure (bsc#1154609).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13117/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13118/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18197/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201409-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6fe2dfb9\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1409=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18197\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-debugsource-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-devel-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-tools-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-tools-debuginfo-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt1-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt1-debuginfo-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-debugsource-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-devel-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-tools-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-tools-debuginfo-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt1-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt1-debuginfo-1.1.32-3.8.24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-27T18:34:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191913", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191913", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-1913)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1913\");\n script_version(\"2020-01-23T12:26:30+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:26:30 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:26:30 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-1913)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1913\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1913\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxslt' package(s) announced via the EulerOS-SA-2019-1913 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\n\nIn numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.28~5.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.28~5.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.28~5.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-14T14:48:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "description": "The remote host is missing an update for the ", "modified": "2020-01-13T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310877174", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877174", "type": "openvas", "title": "Fedora Update for libxslt FEDORA-2019-fdf6ec39b4", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877174\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:30:37 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for libxslt FEDORA-2019-fdf6ec39b4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-fdf6ec39b4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IOYJKXPQCUNBMMQJWYXOR6QRUJZHEDRZ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the FEDORA-2019-fdf6ec39b4 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This C library allows to transform XML files into other XML files\n(or HTML, text, ...) using the standard XSLT stylesheet transformation\nmechanism. To use it you need to have a version of libxml2 >= 2.6.27\ninstalled. The xsltproc command is a command line interface to the XSLT engine\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.33~4.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:35:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192032", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192032", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2032)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2032\");\n script_version(\"2020-01-23T12:31:28+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:31:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:31:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2032)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2032\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2032\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxslt' package(s) announced via the EulerOS-SA-2019-2032 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\n\nIn numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.28~5.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.28~5.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.28~5.h3\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:35:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220201017", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201017", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2020-1017)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1017\");\n script_version(\"2020-01-23T13:16:28+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:16:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:16:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2020-1017)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1017\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1017\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxslt' package(s) announced via the EulerOS-SA-2020-1017 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)\n\nIn numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.32~3.h6.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.32~3.h6.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-27T18:34:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191929", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191929", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-1929)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1929\");\n script_version(\"2020-01-23T12:27:28+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:27:28 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:27:28 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-1929)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1929\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1929\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libxslt' package(s) announced via the EulerOS-SA-2019-1929 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)\n\n\nIn numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.28~5.h3\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.28~5.h3\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-03-23T14:48:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "description": "The remote host is missing an update for the ", "modified": "2020-03-20T00:00:00", "published": "2020-03-18T00:00:00", "id": "OPENVAS:1361412562310877596", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877596", "type": "openvas", "title": "Fedora: Security Advisory for libxslt (FEDORA-2020-90c768a947)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877596\");\n script_version(\"2020-03-20T06:19:59+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-20 06:19:59 +0000 (Fri, 20 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-18 04:06:21 +0000 (Wed, 18 Mar 2020)\");\n script_name(\"Fedora: Security Advisory for libxslt (FEDORA-2020-90c768a947)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-90c768a947\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I2DFWHGW45KMBFWEA7F757LWKTCDL4V7\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the FEDORA-2020-90c768a947 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This C library allows to transform XML files into other XML files\n(or HTML, text, ...) using the standard XSLT stylesheet transformation\nmechanism. To use it you need to have a version of libxml2 >= 2.6.27\ninstalled. The xsltproc command is a command line interface to the XSLT engine\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.34~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-04-02T16:48:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-13117"], "description": "The remote host is missing an update for the ", "modified": "2020-03-31T00:00:00", "published": "2020-03-29T00:00:00", "id": "OPENVAS:1361412562310877633", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877633", "type": "openvas", "title": "Fedora: Security Advisory for libxslt (FEDORA-2020-40fa1ae94b)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877633\");\n script_version(\"2020-03-31T10:29:41+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-03-31 10:29:41 +0000 (Tue, 31 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-29 03:15:23 +0000 (Sun, 29 Mar 2020)\");\n script_name(\"Fedora: Security Advisory for libxslt (FEDORA-2020-40fa1ae94b)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-40fa1ae94b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5VQOJFLOOD5HOHRDRWFPAH64RXXMSBWM\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the FEDORA-2020-40fa1ae94b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This C library allows to transform XML files into other XML files\n(or HTML, text, ...) using the standard XSLT stylesheet transformation\nmechanism. To use it you need to have a version of libxml2 >= 2.6.27\ninstalled. The xsltproc command is a command line interface to the XSLT engine\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt\", rpm:\"libxslt~1.1.34~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-06-03T15:26:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-18197", "CVE-2019-13117"], "description": "The remote host is missing an update for the ", "modified": "2020-05-29T00:00:00", "published": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310853184", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853184", "type": "openvas", "title": "openSUSE: Security Advisory for libxslt (openSUSE-SU-2020:0731-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853184\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2019-18197\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-29 03:01:01 +0000 (Fri, 29 May 2020)\");\n script_name(\"openSUSE: Security Advisory for libxslt (openSUSE-SU-2020:0731-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0731-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the openSUSE-SU-2020:0731-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libxslt fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101).\n\n - CVE-2019-13117: Fixed a uninitialized read which allowed to discern\n whether a byte on the stack contains certain special characters\n (bsc#1140095).\n\n - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have\n led to information disclosure (bsc#1154609).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-731=1\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-debugsource\", rpm:\"libxslt-debugsource~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-devel\", rpm:\"libxslt-devel~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-tools\", rpm:\"libxslt-tools~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-tools-debuginfo\", rpm:\"libxslt-tools-debuginfo~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt1\", rpm:\"libxslt1~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt1-debuginfo\", rpm:\"libxslt1-debuginfo~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-devel-32bit\", rpm:\"libxslt-devel-32bit~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python\", rpm:\"libxslt-python~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python-debuginfo\", rpm:\"libxslt-python-debuginfo~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt-python-debugsource\", rpm:\"libxslt-python-debugsource~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt1-32bit\", rpm:\"libxslt1-32bit~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libxslt1-32bit-debuginfo\", rpm:\"libxslt1-32bit-debuginfo~1.1.32~lp151.3.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-02T15:44:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-13118", "CVE-2019-18197", "CVE-2019-13117"], "description": "The remote host is missing an update for the ", "modified": "2019-12-30T00:00:00", "published": "2019-10-23T00:00:00", "id": "OPENVAS:1361412562310844207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844207", "type": "openvas", "title": "Ubuntu Update for libxslt USN-4164-1", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844207\");\n script_version(\"2019-12-30T15:50:06+0000\");\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2019-18197\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-12-30 15:50:06 +0000 (Mon, 30 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-23 02:01:05 +0000 (Wed, 23 Oct 2019)\");\n script_name(\"Ubuntu Update for libxslt USN-4164-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU19\\.10|UBUNTU19\\.04|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4164-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2019-October/005161.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libxslt'\n package(s) announced via the USN-4164-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to access sensitive information.\nThis issue not affected Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118)\n\nIt was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-18197)\");\n\n script_tag(name:\"affected\", value:\"'libxslt' package(s) on Ubuntu 19.10, Ubuntu 19.04, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.29-5ubuntu0.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.33-0ubuntu1.1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU19.04\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.32-2ubuntu0.2\", rls:\"UBUNTU19.04\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"libxslt1.1\", ver:\"1.1.28-2.1ubuntu0.3\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-15T15:39:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-16168", "CVE-2020-2585", "CVE-2019-13118", "CVE-2019-13117"], "description": "The host is installed with Oracle Java SE\n and is prone to multiple security vulnerabilities.", "modified": "2020-05-12T00:00:00", "published": "2020-01-16T00:00:00", "id": "OPENVAS:1361412562310816604", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310816604", "type": "openvas", "title": "Oracle Java SE Security Updates(jan2020) 02 - Linux", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.816604\");\n script_version(\"2020-05-12T13:57:17+0000\");\n script_cve_id(\"CVE-2019-16168\", \"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2020-2585\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-12 13:57:17 +0000 (Tue, 12 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-16 15:20:50 +0530 (Thu, 16 Jan 2020)\");\n script_name(\"Oracle Java SE Security Updates(jan2020) 02 - Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle Java SE\n and is prone to multiple security vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to errors in components\n Serialization, JavaFX (libxslt), Networking, Libraries and Security.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attacker to have an impact on confidentiality, integrity and availability.\");\n\n script_tag(name:\"affected\", value:\"Oracle Java SE version 8u231 (1.8.0.231)\n and earlier on Linux.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"https://www.oracle.com/security-alerts/cpujan2020.html#AppendixJAVA\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_java_prdts_detect_lin.nasl\");\n script_mandatory_keys(\"Oracle/Java/JDK_or_JRE/Linux/detected\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ncpe_list = make_list(\"cpe:/a:oracle:jre\", \"cpe:/a:sun:jre\");\n\nif(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_in_range(version:vers, test_version:\"1.8.0\", test_version2:\"1.8.0.231\")) {\n report = report_fixed_ver(installed_version:vers, fixed_version: \"Apply the patch\", install_path:path);\n security_message(data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "description": "This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 >=3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT eng ine ", "modified": "2019-10-29T01:28:27", "published": "2019-10-29T01:28:27", "id": "FEDORA:31ACB604BB43", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: libxslt-1.1.33-4.fc31", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "description": "This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 >=3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT eng ine ", "modified": "2020-03-18T02:23:20", "published": "2020-03-18T02:23:20", "id": "FEDORA:724A1610682D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: libxslt-1.1.34-1.fc31", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "description": "This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. To use it you need to have a version of libxml2 >=3D 2.6.27 installed. The xsltproc command is a command line interface to the XSLT eng ine ", "modified": "2020-03-26T09:48:01", "published": "2020-03-26T09:48:01", "id": "FEDORA:F378E608761A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: libxslt-1.1.34-1.fc30", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "suse": [{"lastseen": "2020-05-29T01:20:52", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13118", "CVE-2019-18197", "CVE-2019-13117"], "description": "This update for libxslt fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101).\n - CVE-2019-13117: Fixed a uninitialized read which allowed to discern\n whether a byte on the stack contains certain special characters\n (bsc#1140095).\n - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have\n led to information disclosure (bsc#1154609).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-05-29T00:14:11", "published": "2020-05-29T00:14:11", "id": "OPENSUSE-SU-2020:0731-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00062.html", "title": "Security update for libxslt (moderate)", "type": "suse", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:40:38", "bulletinFamily": "unix", "cvelist": ["CVE-2019-13118", "CVE-2019-18197", "CVE-2019-13117"], "description": "It was discovered that Libxslt incorrectly handled certain documents. \nAn attacker could possibly use this issue to access sensitive information. \nThis issue not affected Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118)\n\nIt was discovered that Libxslt incorrectly handled certain documents. \nAn attacker could possibly use this issue to execute arbitrary code. \n(CVE-2019-18197)", "edition": 4, "modified": "2019-10-22T00:00:00", "published": "2019-10-22T00:00:00", "id": "USN-4164-1", "href": "https://ubuntu.com/security/notices/USN-4164-1", "title": "Libxslt vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "cloudfoundry": [{"lastseen": "2019-12-24T16:24:51", "bulletinFamily": "software", "cvelist": ["CVE-2019-13118", "CVE-2019-18197", "CVE-2019-13117"], "description": "# \n\n## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 14.04\n * Canonical Ubuntu 16.04\n * Canonical Ubuntu 18.04\n\n## Description\n\nIt was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118)\n\nIt was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-18197)\n\nCVEs contained in this USN include: CVE-2019-13117, CVE-2019-13118, CVE-2019-18197\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH xenial-stemcells are vulnerable, including: \n * 456.x versions prior to 456.51\n * 315.x versions prior to 315.126\n * 250.x versions prior to 250.142\n * 170.x versions prior to 170.162\n * 97.x versions prior to 97.187\n * All other stemcells not listed.\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.137.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH xenial-stemcells: \n * Upgrade 456.x versions to 456.51\n * Upgrade 315.x versions to 315.126\n * Upgrade 250.x versions to 250.142\n * Upgrade 170.x versions to 170.162\n * Upgrade 97.x versions to 97.187\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells/#ubuntu-xenial>).\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.137.0 or later.\n\n## References\n\n * [USN-4164-1](<https://usn.ubuntu.com/4164-1>)\n * [CVE-2019-13117](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13117>)\n * [CVE-2019-13118](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13118>)\n * [CVE-2019-18197](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18197>)\n", "edition": 2, "modified": "2019-11-06T00:00:00", "published": "2019-11-06T00:00:00", "id": "CFOUNDRY:13BA697370B05DA79A1C88E29233A25D", "href": "https://www.cloudfoundry.org/blog/usn-4164-1/", "title": "USN-4164-1: Libxslt vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:10:31", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4610", "CVE-2016-4609", "CVE-2019-13118", "CVE-2019-13117"], "description": "Package : libxslt\nVersion : 1.1.28-2+deb8u5\nCVE ID : CVE-2016-4609 CVE-2016-4610 CVE-2019-13117\n \t\t CVE-2019-13118\nDebian Bug : 932321 932320\n\nSeveral vulnerabilities were found in libxslt the XSLT 1.0 processing\nlibrary.\n\nCVE-2016-4610\n\n Invalid memory access leading to DoS at exsltDynMapFunction. libxslt\n allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n\nCVE-2016-4609\n\n Out-of-bounds read at xmlGetLineNoInternal()\n libxslt allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n\nCVE-2019-13117\n\n An xsl:number with certain format strings could lead to an\n uninitialized read in xsltNumberFormatInsertNumbers. This could\n allow an attacker to discern whether a byte on the stack contains\n the characters A, a, I, i, or 0, or any other character.\n\nCVE-2019-13118\n\n A type holding grouping characters of an xsl:number instruction was\n too narrow and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.1.28-2+deb8u5.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 9, "modified": "2019-07-22T16:17:07", "published": "2019-07-22T16:17:07", "id": "DEBIAN:DLA-1860-1:DBF7E", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201907/msg00020.html", "title": "[SECURITY] [DLA 1860-1] libxslt security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:37:08", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16168", "CVE-2020-2590", "CVE-2020-2655", "CVE-2020-2604", "CVE-2020-2583", "CVE-2020-2585", "CVE-2020-2601", "CVE-2020-2659", "CVE-2019-13118", "CVE-2020-2593", "CVE-2019-13117", "CVE-2020-2654"], "description": "**Issue Overview:**\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). ( [CVE-2020-2590 __](<https://access.redhat.com/security/cve/CVE-2020-2590>) )\n\nIn numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. ( [CVE-2019-13118 __](<https://access.redhat.com/security/cve/CVE-2019-13118>) )\n\nVulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Java). The supported version that is affected is 19.3.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle GraalVM Enterprise Edition. Note: GraalVM Enterprise 19.3 and above includes both Java SE 8 and Java SE 11. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). ([CVE-2020-2604 __](<https://access.redhat.com/security/cve/CVE-2020-2604>))\n\nVulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N). ([CVE-2020-2585 __](<https://access.redhat.com/security/cve/CVE-2020-2585>))\n\nVulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). ([CVE-2020-2654 __](<https://access.redhat.com/security/cve/CVE-2020-2654>))\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N). ([CVE-2020-2601 __](<https://access.redhat.com/security/cve/CVE-2020-2601>))\n\nVulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). ([CVE-2020-2655 __](<https://access.redhat.com/security/cve/CVE-2020-2655>))\n\nIn SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a \"severe division by zero in the query planner.\" ([CVE-2019-16168 __](<https://access.redhat.com/security/cve/CVE-2019-16168>))\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). ([CVE-2020-2659 __](<https://access.redhat.com/security/cve/CVE-2020-2659>))\n\nIn numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character. ([CVE-2019-13117 __](<https://access.redhat.com/security/cve/CVE-2019-13117>))\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). ([CVE-2020-2583 __](<https://access.redhat.com/security/cve/CVE-2020-2583>))\n\nVulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). ([CVE-2020-2593 __](<https://access.redhat.com/security/cve/CVE-2020-2593>))\n\n \n\n\n \n**Affected Packages:** \n\n\njava-11-amazon-corretto\n\n \n**Issue Correction:** \nRun _yum update java-11-amazon-corretto_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n java-11-amazon-corretto-11.0.6+10-1.amzn2.aarch64 \n java-11-amazon-corretto-headless-11.0.6+10-1.amzn2.aarch64 \n java-11-amazon-corretto-javadoc-11.0.6+10-1.amzn2.aarch64 \n \n src: \n java-11-amazon-corretto-11.0.6+10-1.amzn2.src \n \n x86_64: \n java-11-amazon-corretto-11.0.6+10-1.amzn2.x86_64 \n java-11-amazon-corretto-headless-11.0.6+10-1.amzn2.x86_64 \n java-11-amazon-corretto-javadoc-11.0.6+10-1.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2020-01-14T23:07:00", "published": "2020-01-14T23:07:00", "id": "ALAS2-2020-1387", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1387.html", "title": "Important: java-11-amazon-corretto", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "kaspersky": [{"lastseen": "2020-09-02T11:53:04", "bulletinFamily": "info", "cvelist": ["CVE-2019-16168", "CVE-2020-2590", "CVE-2020-2655", "CVE-2020-2604", "CVE-2020-2583", "CVE-2020-2585", "CVE-2020-2601", "CVE-2020-2659", "CVE-2019-13118", "CVE-2020-2593", "CVE-2019-13117", "CVE-2020-2654"], "description": "### *Detect date*:\n01/05/2020\n\n### *Severity*:\nWarning\n\n### *Description*:\nMultiple vulnerabilities were found in Oracle Java SE. Malicious users can exploit these vulnerabilities to obtain sensitive information.\n\n### *Affected products*:\nJava SE: 7u241, 8u231, 11.0.5, 13.0.1 \nJava SE Embedded: 8u231\n\n### *Solution*:\nUpdate to the latest version \n[Download Java](<https://www.oracle.com/java/>)\n\n### *Original advisories*:\n[Oracle Critical Patch Update Advisory \u2013 January 2020](<https://www.oracle.com/security-alerts/cpujan2020verbose.html>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Oracle Java JRE 1.7.x](<https://threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/>)\n\n### *CVE-IDS*:\n[CVE-2019-13118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118>)0.0Unknown \n[CVE-2020-2655](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2655>)0.0Unknown \n[CVE-2020-2583](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2583>)0.0Unknown \n[CVE-2020-2604](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2604>)0.0Unknown \n[CVE-2020-2659](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2659>)0.0Unknown \n[CVE-2020-2654](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2654>)0.0Unknown \n[CVE-2019-16168](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168>)0.0Unknown \n[CVE-2020-2593](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2593>)0.0Unknown \n[CVE-2019-13117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13117>)0.0Unknown \n[CVE-2020-2601](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2601>)0.0Unknown \n[CVE-2020-2590](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2590>)0.0Unknown \n[CVE-2020-2585](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2585>)0.0Unknown", "edition": 1, "modified": "2020-05-22T00:00:00", "published": "2020-01-05T00:00:00", "id": "KLA11646", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11646", "title": "\r KLA11646Multiple vulnerabilities in Oracle JRE ", "type": "kaspersky", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-02T11:46:25", "bulletinFamily": "info", "cvelist": ["CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8688", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8673", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8690", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8666"], "description": "### *Detect date*:\n07/25/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in iCloud. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nApple iCloud earlier than 10.6\n\n### *Solution*:\nUpdate to the latest version \n[Download iCloud](<https://support.apple.com/en-us/HT204283>)\n\n### *Original advisories*:\n[HT210358](<https://support.apple.com/en-us/HT210358>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iCloud](<https://threats.kaspersky.com/en/product/Apple-iCloud/>)\n\n### *CVE-IDS*:\n[CVE-2019-8684](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8684>)0.0Unknown \n[CVE-2019-8649](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8649>)0.0Unknown \n[CVE-2019-8686](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8686>)0.0Unknown \n[CVE-2019-8678](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8678>)0.0Unknown \n[CVE-2019-8673](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8673>)0.0Unknown \n[CVE-2019-8688](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8688>)0.0Unknown \n[CVE-2019-8676](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8676>)0.0Unknown \n[CVE-2019-13118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118>)0.0Unknown \n[CVE-2019-8690](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8690>)0.0Unknown \n[CVE-2019-8669](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8669>)0.0Unknown \n[CVE-2019-8681](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8681>)0.0Unknown \n[CVE-2019-8644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8644>)0.0Unknown \n[CVE-2019-8666](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8666>)0.0Unknown \n[CVE-2019-8672](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8672>)0.0Unknown \n[CVE-2019-8658](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8658>)0.0Unknown \n[CVE-2019-8689](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8689>)0.0Unknown \n[CVE-2019-8685](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8685>)0.0Unknown \n[CVE-2019-8679](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8679>)0.0Unknown \n[CVE-2019-8677](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8677>)0.0Unknown \n[CVE-2019-8671](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8671>)0.0Unknown \n[CVE-2019-8680](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8680>)0.0Unknown \n[CVE-2019-8687](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8687>)0.0Unknown \n[CVE-2019-8683](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8683>)0.0Unknown", "edition": 1, "modified": "2020-06-18T00:00:00", "published": "2019-07-25T00:00:00", "id": "KLA11527", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11527", "title": "\r KLA11527Multiple vulnerabilities in Apple iCloud ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-02T11:48:27", "bulletinFamily": "info", "cvelist": ["CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8688", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8673", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8690", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8666"], "description": "### *Detect date*:\n07/23/2019\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in iTunes. Malicious users can exploit these vulnerabilities to execute arbitrary code, perform cross-site scripting attack, obtain sensitive information.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nApple iTunes earlier than 12.9.6\n\n### *Solution*:\nUpdate to the latest version \n[Download iTunes](<https://www.apple.com/itunes/download/>)\n\n### *Original advisories*:\n[HT210356](<https://support.apple.com/en-us/HT210356>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Apple iTunes](<https://threats.kaspersky.com/en/product/Apple-iTunes/>)\n\n### *CVE-IDS*:\n[CVE-2019-8684](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8684>)0.0Unknown \n[CVE-2019-8649](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8649>)0.0Unknown \n[CVE-2019-8686](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8686>)0.0Unknown \n[CVE-2019-8678](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8678>)0.0Unknown \n[CVE-2019-8673](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8673>)0.0Unknown \n[CVE-2019-8688](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8688>)0.0Unknown \n[CVE-2019-8676](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8676>)0.0Unknown \n[CVE-2019-13118](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13118>)0.0Unknown \n[CVE-2019-8690](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8690>)0.0Unknown \n[CVE-2019-8669](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8669>)0.0Unknown \n[CVE-2019-8681](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8681>)0.0Unknown \n[CVE-2019-8644](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8644>)0.0Unknown \n[CVE-2019-8666](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8666>)0.0Unknown \n[CVE-2019-8672](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8672>)0.0Unknown \n[CVE-2019-8658](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8658>)0.0Unknown \n[CVE-2019-8689](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8689>)0.0Unknown \n[CVE-2019-8685](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8685>)0.0Unknown \n[CVE-2019-8679](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8679>)0.0Unknown \n[CVE-2019-8677](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8677>)0.0Unknown \n[CVE-2019-8671](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8671>)0.0Unknown \n[CVE-2019-8680](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8680>)0.0Unknown \n[CVE-2019-8687](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8687>)0.0Unknown \n[CVE-2019-8683](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8683>)0.0Unknown", "edition": 1, "modified": "2020-06-18T00:00:00", "published": "2019-07-23T00:00:00", "id": "KLA11526", "href": "https://threats.kaspersky.com/en/vulnerability/KLA11526", "title": "\r KLA11526Multiple vulnerabilities in Apple iTunes ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "apple": [{"lastseen": "2020-12-24T20:43:17", "bulletinFamily": "software", "cvelist": ["CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8688", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8673", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8690", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8666"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 10.6\n\nReleased July 23, 2019\n\n**libxslt**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: A stack overflow was addressed with improved input validation.\n\nCVE-2019-13118: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of document loads. This issue was addressed with improved state management.\n\nCVE-2019-8690: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8666: Zongming Wang (\u738b\u5b97\u660e) and Zhe Jin (\u91d1\u54f2) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.\n\nCVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8671: Apple\n\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8677: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of Venustech\n\nCVE-2019-8679: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8680: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8683: lokihardt of Google Project Zero\n\nCVE-2019-8684: lokihardt of Google Project Zero\n\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL\n\nCVE-2019-8686: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8687: Apple\n\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\n\nCVE-2019-8689: lokihardt of Google Project Zero\n\nEntry updated September 17, 2019\n\n**WebKit**\n\nAvailable for: Windows 10 and later via the Microsoft Store\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.\n\nCVE-2019-8649: Sergei Glazunov of Google Project Zero\n", "edition": 2, "modified": "2019-09-17T06:08:45", "published": "2019-09-17T06:08:45", "id": "APPLE:HT210358", "href": "https://support.apple.com/kb/HT210358", "title": "About the security content of iCloud for Windows 10.6 - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:13", "bulletinFamily": "software", "cvelist": ["CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8688", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8673", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8690", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8666"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iTunes 12.9.6 for Windows\n\nReleased July 23, 2019\n\n**libxslt**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: A stack overflow was addressed with improved input validation.\n\nCVE-2019-13118: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of document loads. This issue was addressed with improved state management.\n\nCVE-2019-8690: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8666: Zongming Wang (\u738b\u5b97\u660e) and Zhe Jin (\u91d1\u54f2) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.\n\nCVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8671: Apple\n\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8677: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of Venustech\n\nCVE-2019-8679: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8680: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8683: lokihardt of Google Project Zero\n\nCVE-2019-8684: lokihardt of Google Project Zero\n\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL\n\nCVE-2019-8686: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8687: Apple\n\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\n\nCVE-2019-8689: lokihardt of Google Project Zero\n\nEntry updated September 11, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.\n\nCVE-2019-8649: Sergei Glazunov of Google Project Zero\n", "edition": 2, "modified": "2019-09-25T04:28:40", "published": "2019-09-25T04:28:40", "id": "APPLE:HT210356", "href": "https://support.apple.com/kb/HT210356", "title": "About the security content of iTunes 12.9.6 for Windows - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:44:39", "bulletinFamily": "software", "cvelist": ["CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8688", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8673", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8690", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8666"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iCloud for Windows 7.13\n\nReleased July 23, 2019\n\n**libxslt**\n\nAvailable for: Windows 7 and later\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: A stack overflow was addressed with improved input validation.\n\nCVE-2019-13118: found by OSS-Fuzz\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of document loads. This issue was addressed with improved state management.\n\nCVE-2019-8690: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8666: Zongming Wang (\u738b\u5b97\u660e) and Zhe Jin (\u91d1\u54f2) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.\n\nCVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8671: Apple\n\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8677: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of Venustech\n\nCVE-2019-8679: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8680: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8683: lokihardt of Google Project Zero\n\nCVE-2019-8684: lokihardt of Google Project Zero\n\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL\n\nCVE-2019-8686: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8687: Apple\n\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\n\nCVE-2019-8689: lokihardt of Google Project Zero\n\nEntry updated September 11, 2019\n\n**WebKit**\n\nAvailable for: Windows 7 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.\n\nCVE-2019-8649: Sergei Glazunov of Google Project Zero\n", "edition": 2, "modified": "2019-09-11T08:58:07", "published": "2019-09-11T08:58:07", "id": "APPLE:HT210357", "href": "https://support.apple.com/kb/HT210357", "title": "About the security content of iCloud for Windows 7.13 - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:42:48", "bulletinFamily": "software", "cvelist": ["CVE-2020-10135", "CVE-2019-8648", "CVE-2019-8669", "CVE-2019-8633", "CVE-2019-8682", "CVE-2019-8688", "CVE-2019-8665", "CVE-2018-16860", "CVE-2019-9506", "CVE-2019-8647", "CVE-2019-8624", "CVE-2019-8672", "CVE-2019-8660", "CVE-2019-8658", "CVE-2019-8676", "CVE-2019-13118", "CVE-2019-8659", "CVE-2019-8683", "CVE-2019-8646", "CVE-2019-8668", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8662", "CVE-2019-8657"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## watchOS 5.3\n\nReleased July 22, 2019\n\n**Bluetooth**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England\n\nThe changes for this issue mitigate CVE-2020-10135.\n\nEntry added August 13, 2019, updated June 25, 2020 \n\n**Core Data**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project Zero\n\n**Digital Touch**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8624: Natalie Silvanovich of Google Project Zero\n\n**FaceTime**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\n**Heimdal**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services\n\nDescription: This issue was addressed with improved checks to prevent unauthorized actions.\n\nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst\n\n**Image Processing**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing a maliciously crafted image may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-8668: an anonymous researcher\n\nEntry added October 8, 2019\n\n**Kernel**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8633: Zhuo Liang of Qihoo 360 Vulcan Team\n\nEntry added September 17, 2019\n\n**libxslt**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: A stack overflow was addressed with improved input validation.\n\nCVE-2019-13118: found by OSS-Fuzz\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Users removed from an iMessage conversation may still be able to alter state\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of University of Oregon\n\n**Messages**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may cause an unexpected application termination\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-8665: Michael Hernandez of XYZ Marketing\n\n**Quick Look**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\n**Siri**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**UIFoundation**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**Wallet**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: A user may inadvertently complete an in-app purchase while on the lock screen\n\nDescription: The issue was addressed with improved UI handling.\n\nCVE-2019-8682: Jeff Braswell (JeffBraswell.com)\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple Watch Series 1 and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8683: lokihardt of Google Project Zero\n\nCVE-2019-8684: lokihardt of Google Project Zero\n\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL\n\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\n\nCVE-2019-8689: lokihardt of Google Project Zero\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**MobileInstallation**\n\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.\n", "edition": 3, "modified": "2020-06-25T07:44:38", "published": "2020-06-25T07:44:38", "id": "APPLE:HT210353", "href": "https://support.apple.com/kb/HT210353", "title": "About the security content of watchOS 5.3 - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:35", "bulletinFamily": "software", "cvelist": ["CVE-2020-10135", "CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8702", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8688", "CVE-2018-16860", "CVE-2019-9506", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8673", "CVE-2019-8647", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8660", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8646", "CVE-2019-8690", "CVE-2019-8698", "CVE-2019-8668", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8662", "CVE-2019-8657", "CVE-2019-8666"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## tvOS 12.4\n\nReleased July 22, 2019\n\n**Bluetooth**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England\n\nThe changes for this issue mitigate CVE-2020-10135.\n\nEntry added August 13, 2019, updated June 25, 2020 \n\n**Core Data**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project Zero\n\n**Game Center**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A local user may be able to read a persistent account identifier\n\nDescription: This issue was addressed with a new entitlement.\n\nCVE-2019-8702: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.\n\nEntry added February 24, 2020\n\n**Heimdal**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services\n\nDescription: This issue was addressed with improved checks to prevent unauthorized actions.\n\nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst\n\n**Image Processing**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing a maliciously crafted image may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-8668: an anonymous researcher\n\nEntry added October 8, 2019\n\n**libxslt**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: A stack overflow was addressed with improved input validation.\n\nCVE-2019-13118: found by OSS-Fuzz\n\n**Profiles**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A malicious application may be able to restrict access to websites\n\nDescription: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.\n\nCVE-2019-8698: Luke Deshotels, Jordan Beichler, and William Enck of North Carolina State University; Costin Caraba\u0219 and R\u0103zvan Deaconescu of University POLITEHNICA of Bucharest\n\n**Quick Look**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\n**Siri**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**UIFoundation**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of document loads. This issue was addressed with improved state management.\n\nCVE-2019-8690: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.\n\nCVE-2019-8649: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: Apple TV 4K and Apple TV HD\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8666: Zongming Wang (\u738b\u5b97\u660e) and Zhe Jin (\u91d1\u54f2) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.\n\nCVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8671: Apple\n\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8677: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of Venustech\n\nCVE-2019-8679: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8680: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8683: lokihardt of Google Project Zero\n\nCVE-2019-8684: lokihardt of Google Project Zero\n\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL\n\nCVE-2019-8686: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8687: Apple\n\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\n\nCVE-2019-8689: lokihardt of Google Project Zero\n\nEntry updated September 11, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Game Center**\n\nWe would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.\n", "edition": 3, "modified": "2020-06-25T07:44:38", "published": "2020-06-25T07:44:38", "id": "APPLE:HT210351", "href": "https://support.apple.com/kb/HT210351", "title": "About the security content of tvOS 12.4 - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:50", "bulletinFamily": "software", "cvelist": ["CVE-2020-10135", "CVE-2019-8663", "CVE-2019-8648", "CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8702", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8682", "CVE-2019-8688", "CVE-2019-8665", "CVE-2018-16860", "CVE-2019-9506", "CVE-2019-8679", "CVE-2019-8680", "CVE-2019-8673", "CVE-2019-8647", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8660", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8699", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8646", "CVE-2019-8690", "CVE-2019-8698", "CVE-2019-8668", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2019-8662", "CVE-2019-8657", "CVE-2019-8666"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## iOS 12.4\n\nReleased July 22, 2019\n\n**Bluetooth**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England\n\nThe changes for this issue mitigate CVE-2020-10135.\n\nEntry added August 13, 2019, updated June 25, 2020 \n\n**Core Data**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project Zero\n\n**FaceTime**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\n**Found in Apps**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8663: Natalie Silvanovich of Google Project Zero\n\n**Game Center**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A local user may be able to read a persistent account identifier\n\nDescription: This issue was addressed with a new entitlement.\n\nCVE-2019-8702: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.\n\nEntry added February 24, 2020\n\n**Heimdal**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services\n\nDescription: This issue was addressed with improved checks to prevent unauthorized actions.\n\nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst\n\n**Image Processing**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: Processing a maliciously crafted image may lead to a denial of service\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-8668: an anonymous researcher\n\nEntry added October 8, 2019\n\n**libxslt**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: A stack overflow was addressed with improved input validation.\n\nCVE-2019-13118: found by OSS-Fuzz\n\n**Messages**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may cause an unexpected application termination\n\nDescription: A denial of service issue was addressed with improved validation.\n\nCVE-2019-8665: Michael Hernandez of XYZ Marketing\n\n**Profiles**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A malicious application may be able to restrict access to websites\n\nDescription: A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement.\n\nCVE-2019-8698: Luke Deshotels, Jordan Beichler, and William Enck of North Carolina State University; Costin Caraba\u0219 and R\u0103zvan Deaconescu of University POLITEHNICA of Bucharest\n\n**Quick Look**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\n**Siri**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**Telephony**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: The initiator of a phone call may be able to cause the recipient to answer a simultaneous Walkie-Talkie connection\n\nDescription: A logic issue existed in the answering of phone calls. The issue was addressed with improved state management.\n\nCVE-2019-8699: Marius Alexandru Boeru (@mboeru) and an anonymous researcher\n\nEntry updated July 25, 2019\n\n**UIFoundation**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**Wallet**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: A user may inadvertently complete an in-app purchase while on the lock screen\n\nDescription: The issue was addressed with improved UI handling.\n\nCVE-2019-8682: Jeff Braswell (JeffBraswell.com)\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of document loads. This issue was addressed with improved state management.\n\nCVE-2019-8690: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.\n\nCVE-2019-8649: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8666: Zongming Wang (\u738b\u5b97\u660e) and Zhe Jin (\u91d1\u54f2) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.\n\nCVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8671: Apple\n\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8677: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8678: Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation, P1umer of ADLab of Venustech\n\nCVE-2019-8679: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8680: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8683: lokihardt of Google Project Zero\n\nCVE-2019-8684: lokihardt of Google Project Zero\n\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL\n\nCVE-2019-8686: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8687: Apple\n\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\n\nCVE-2019-8689: lokihardt of Google Project Zero\n\nEntry updated September 11, 2019\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Game Center**\n\nWe would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. for their assistance.\n\n**MobileInstallation**\n\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.\n", "edition": 3, "modified": "2020-06-25T07:44:38", "published": "2020-06-25T07:44:38", "id": "APPLE:HT210346", "href": "https://support.apple.com/kb/HT210346", "title": "About the security content of iOS 12.4 - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T20:43:02", "bulletinFamily": "software", "cvelist": ["CVE-2019-8696", "CVE-2020-10135", "CVE-2019-8663", "CVE-2019-8648", "CVE-2019-8681", "CVE-2019-8669", "CVE-2019-8702", "CVE-2019-8661", "CVE-2019-8675", "CVE-2019-8656", "CVE-2019-8697", "CVE-2019-8677", "CVE-2019-8649", "CVE-2019-8694", "CVE-2019-8688", "CVE-2018-16860", "CVE-2019-9506", "CVE-2019-8539", "CVE-2019-8679", "CVE-2019-8695", "CVE-2019-8680", "CVE-2019-8693", "CVE-2019-8670", "CVE-2019-8673", "CVE-2019-8692", "CVE-2019-8687", "CVE-2019-8672", "CVE-2019-8660", "CVE-2019-8658", "CVE-2019-8678", "CVE-2019-8676", "CVE-2019-8686", "CVE-2019-8701", "CVE-2019-13118", "CVE-2019-8644", "CVE-2019-8683", "CVE-2019-8671", "CVE-2019-8667", "CVE-2019-8646", "CVE-2019-8691", "CVE-2019-8690", "CVE-2019-8684", "CVE-2019-8689", "CVE-2019-8685", "CVE-2018-19860", "CVE-2019-8662", "CVE-2019-8657", "CVE-2019-8666"], "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra\n\nReleased July 22, 2019\n\n**AppleGraphicsControl**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8693: Arash Tohidi of Solita\n\n**autofs**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6\n\nImpact: Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper\n\nDescription: This was addressed with additional checks by Gatekeeper on files mounted through a network share.\n\nCVE-2019-8656: Filippo Cavallarin\n\n**Bluetooth**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2018-19860\n\n**Bluetooth**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6\n\nImpact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\n\nDescription: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.\n\nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England\n\nThe changes for this issue mitigate CVE-2020-10135.\n\nEntry added August 13, 2019, updated June 25, 2020 \n\n**Carbon Core**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A use after free issue was addressed with improved memory management.\n\nCVE-2019-8661: Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**Core Data**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project Zero\n\n**CUPS**\n\nAvailable for: macOS Sierra 10.12.6, macOS Mojave 10.14.5, macOS High Sierra 10.13.6\n\nImpact: An attacker in a privileged network position may be able to execute arbitrary code\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nCVE-2019-8675: Stephan Zeisberg (github.com/stze) of Security Research Labs (srlabs.de)\n\nCVE-2019-8696: Stephan Zeisberg (github.com/stze) of Security Research Labs (srlabs.de)\n\nEntry added August 14, 2019, updated September 17, 2019\n\n**Disk Management**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A malicious application may be able to execute arbitrary code with system privileges\n\nDescription: A memory initialization issue was addressed with improved memory handling.\n\nCVE-2019-8539: ccpwd working with Trend Micro's Zero Day Initiative\n\nEntry added September 17, 2019\n\n**Disk Management**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8697: ccpwd working with Trend Micro\u2019s Zero Day Initiative\n\n**FaceTime**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to cause arbitrary code execution\n\nDescription: A memory corruption issue was addressed with improved input validation.\n\nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\n**Found in Apps**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8663: Natalie Silvanovich of Google Project Zero\n\n**Game Center**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A local user may be able to read a persistent account identifier\n\nDescription: This issue was addressed with a new entitlement.\n\nCVE-2019-8702: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.\n\nEntry added February 24, 2020\n\n**Grapher**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8695: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**Graphics Drivers**\n\nAvailable for: macOS Mojave 10.14.5, macOS High Sierra 10.13.6\n\nImpact: An application may be able to read restricted memory\n\nDescription: A validation issue was addressed with improved input sanitization.\n\nCVE-2019-8691: Aleksandr Tarasikov (@astarasikov), Arash Tohidi of Solita, Lilang Wu and Moony Li of Trend Micro's Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8692: Lilang Wu and Moony Li of Trend Micro Mobile Security Research Team working with Trend Micro's Zero Day Initiative\n\nEntry updated July 25, 2019\n\n**Heimdal**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5\n\nImpact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services\n\nDescription: This issue was addressed with improved checks to prevent unauthorized actions.\n\nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst\n\n**IOAcceleratorFamily**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: An application may be able to execute arbitrary code with kernel privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8694: Arash Tohidi of Solita\n\n**libxslt**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to view sensitive information\n\nDescription: A stack overflow was addressed with improved input validation.\n\nCVE-2019-13118: found by OSS-Fuzz\n\n**Quick Look**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5\n\nImpact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary\n\nDescription: This issue was addressed with improved checks.\n\nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project Zero\n\n**Safari**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: Visiting a malicious website may lead to address bar spoofing\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2019-8670: Tsubasa FUJII (@reinforchu)\n\n**Security**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8697: ccpwd working with Trend Micro\u2019s Zero Day Initiative\n\n**sips**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6\n\nImpact: An application may be able to execute arbitrary code with system privileges\n\nDescription: A memory corruption issue was addressed with improved memory handling.\n\nCVE-2019-8701: Simon Huang(@HuangShaomang), Rong Fan(@fanrong1992) and pjf of IceSword Lab of Qihoo 360\n\nEntry added October 8, 2019\n\n**Siri**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: A remote attacker may be able to leak memory\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\n**Time Machine**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: The encryption status of a Time Machine backup may be incorrect\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2019-8667: Roland Kletzing of cyber:con GmbH\n\n**UIFoundation**\n\nAvailable for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.5\n\nImpact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution\n\nDescription: An out-of-bounds read was addressed with improved input validation.\n\nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of document loads. This issue was addressed with improved state management.\n\nCVE-2019-8690: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management.\n\nCVE-2019-8649: Sergei Glazunov of Google Project Zero\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may lead to universal cross site scripting\n\nDescription: A logic issue was addressed with improved state management.\n\nCVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative\n\n**WebKit**\n\nAvailable for: macOS Mojave 10.14.5\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution\n\nDescription: Multiple memory corruption issues were addressed with improved memory handling.\n\nCVE-2019-8644: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8666: Zongming Wang (\u738b\u5b97\u660e) and Zhe Jin (\u91d1\u54f2) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd.\n\nCVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8671: Apple\n\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\n\nCVE-2019-8673: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\n\nCVE-2019-8677: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8678: an anonymous researcher, Anthony Lai (@darkfloyd1014) of Knownsec, Ken Wong (@wwkenwong) of VXRL, Jeonghoon Shin (@singi21a) of Theori, Johnny Yu (@straight_blast) of VX Browser Exploitation Group, Chris Chan (@dr4g0nfl4me) of VX Browser Exploitation Group, Phil Mok (@shadyhamsters) of VX Browser Exploitation Group, Alan Ho (@alan_h0) of Knownsec, Byron Wai of VX Browser Exploitation\n\nCVE-2019-8679: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8680: Jihui Lu of Tencent KeenLab\n\nCVE-2019-8681: G. Geshev working with Trend Micro Zero Day Initiative\n\nCVE-2019-8683: lokihardt of Google Project Zero\n\nCVE-2019-8684: lokihardt of Google Project Zero\n\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL\n\nCVE-2019-8686: G. Geshev working with Trend Micro's Zero Day Initiative\n\nCVE-2019-8687: Apple\n\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\n\nCVE-2019-8689: lokihardt of Google Project Zero\n\n![](/library/content/dam/edam/applecare/images/en_US/mac_apps/itunes/divider.png)\n\n## Additional recognition\n\n**Classroom**\n\nWe would like to acknowledge Jeff Johnson of underpassapp.com for their assistance.\n\n**Game Center**\n\nWe would like to acknowledge Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc. for their assistance.\n", "edition": 3, "modified": "2020-06-25T07:44:38", "published": "2020-06-25T07:44:38", "id": "APPLE:HT210348", "href": "https://support.apple.com/kb/HT210348", "title": "About the security content of macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra - Apple Support", "type": "apple", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oracle": [{"lastseen": "2020-12-24T15:41:21", "bulletinFamily": "software", "cvelist": ["CVE-2012-1695", "CVE-2012-3135", "CVE-2014-3004", "CVE-2014-3596", "CVE-2015-9251", "CVE-2016-0701", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-2183", "CVE-2016-4000", "CVE-2016-5019", "CVE-2016-6306", "CVE-2016-6814", "CVE-2016-8610", "CVE-2017-1000376", "CVE-2017-12626", "CVE-2017-14735", "CVE-2017-15708", "CVE-2017-15906", "CVE-2017-5645", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-1000030", "CVE-2018-1060", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-11054", "CVE-2018-11055", "CVE-2018-11056", "CVE-2018-11057", "CVE-2018-11058", "CVE-2018-11307", "CVE-2018-11759", "CVE-2018-11784", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-14718", "CVE-2018-15473", "CVE-2018-15756", "CVE-2018-15769", "CVE-2018-16395", "CVE-2018-17189", "CVE-2018-19362", "CVE-2018-20684", "CVE-2018-5407", "CVE-2018-6829", "CVE-2018-8032", "CVE-2018-8039", "CVE-2019-0199", "CVE-2019-0215", "CVE-2019-0221", "CVE-2019-0227", "CVE-2019-0232", "CVE-2019-10072", "CVE-2019-10086", "CVE-2019-10088", "CVE-2019-10092", "CVE-2019-10093", "CVE-2019-10094", "CVE-2019-10098", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-11358", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12406", "CVE-2019-12415", "CVE-2019-12419", "CVE-2019-12814", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1552", "CVE-2019-1559", "CVE-2019-1563", "CVE-2019-15845", "CVE-2019-16168", "CVE-2019-16201", "CVE-2019-16254", "CVE-2019-16255", "CVE-2019-16335", "CVE-2019-16775", "CVE-2019-16776", "CVE-2019-16777", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17091", "CVE-2019-17267", "CVE-2019-17359", "CVE-2019-17531", "CVE-2019-2094", "CVE-2019-2725", "CVE-2019-2729", "CVE-2019-2904", "CVE-2019-3862", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-5718", "CVE-2019-8457", "CVE-2019-9208", "CVE-2019-9579", "CVE-2019-9636", "CVE-2019-9936", "CVE-2019-9937", "CVE-2020-2510", "CVE-2020-2511", "CVE-2020-2512", "CVE-2020-2515", "CVE-2020-2516", "CVE-2020-2517", "CVE-2020-2518", "CVE-2020-2519", "CVE-2020-2527", "CVE-2020-2530", "CVE-2020-2531", "CVE-2020-2533", "CVE-2020-2534", "CVE-2020-2535", "CVE-2020-2536", "CVE-2020-2537", "CVE-2020-2538", "CVE-2020-2539", "CVE-2020-2540", "CVE-2020-2541", "CVE-2020-2542", "CVE-2020-2543", "CVE-2020-2544", "CVE-2020-2545", "CVE-2020-2546", "CVE-2020-2547", "CVE-2020-2548", "CVE-2020-2549", "CVE-2020-2550", "CVE-2020-2551", "CVE-2020-2552", "CVE-2020-2555", "CVE-2020-2556", "CVE-2020-2557", "CVE-2020-2558", "CVE-2020-2559", "CVE-2020-2560", "CVE-2020-2561", "CVE-2020-2563", "CVE-2020-2564", "CVE-2020-2565", "CVE-2020-2566", "CVE-2020-2567", "CVE-2020-2568", "CVE-2020-2569", "CVE-2020-2570", "CVE-2020-2571", "CVE-2020-2572", "CVE-2020-2573", "CVE-2020-2574", "CVE-2020-2576", "CVE-2020-2577", "CVE-2020-2578", "CVE-2020-2579", "CVE-2020-2580", "CVE-2020-2581", "CVE-2020-2582", "CVE-2020-2583", "CVE-2020-2584", "CVE-2020-2585", "CVE-2020-2586", "CVE-2020-2587", "CVE-2020-2588", "CVE-2020-2589", "CVE-2020-2590", "CVE-2020-2591", "CVE-2020-2592", "CVE-2020-2593", "CVE-2020-2595", "CVE-2020-2596", "CVE-2020-2597", "CVE-2020-2598", "CVE-2020-2599", "CVE-2020-2600", "CVE-2020-2601", "CVE-2020-2602", "CVE-2020-2603", "CVE-2020-2604", "CVE-2020-2605", "CVE-2020-2606", "CVE-2020-2607", "CVE-2020-2608", "CVE-2020-2609", "CVE-2020-2610", "CVE-2020-2611", "CVE-2020-2612", "CVE-2020-2613", "CVE-2020-2614", "CVE-2020-2615", "CVE-2020-2616", "CVE-2020-2617", "CVE-2020-2618", "CVE-2020-2619", "CVE-2020-2620", "CVE-2020-2621", "CVE-2020-2622", "CVE-2020-2623", "CVE-2020-2624", "CVE-2020-2625", "CVE-2020-2626", "CVE-2020-2627", "CVE-2020-2628", "CVE-2020-2629", "CVE-2020-2630", "CVE-2020-2631", "CVE-2020-2632", "CVE-2020-2633", "CVE-2020-2634", "CVE-2020-2635", "CVE-2020-2636", "CVE-2020-2637", "CVE-2020-2638", "CVE-2020-2639", "CVE-2020-2640", "CVE-2020-2641", "CVE-2020-2642", "CVE-2020-2643", "CVE-2020-2644", "CVE-2020-2645", "CVE-2020-2646", "CVE-2020-2647", "CVE-2020-2648", "CVE-2020-2649", "CVE-2020-2650", "CVE-2020-2651", "CVE-2020-2652", "CVE-2020-2653", "CVE-2020-2654", "CVE-2020-2655", "CVE-2020-2656", "CVE-2020-2657", "CVE-2020-2658", "CVE-2020-2659", "CVE-2020-2660", "CVE-2020-2661", "CVE-2020-2662", "CVE-2020-2663", "CVE-2020-2664", "CVE-2020-2665", "CVE-2020-2666", "CVE-2020-2667", "CVE-2020-2668", "CVE-2020-2669", "CVE-2020-2670", "CVE-2020-2671", "CVE-2020-2672", "CVE-2020-2673", "CVE-2020-2674", "CVE-2020-2675", "CVE-2020-2676", "CVE-2020-2677", "CVE-2020-2678", "CVE-2020-2679", "CVE-2020-2680", "CVE-2020-2681", "CVE-2020-2682", "CVE-2020-2683", "CVE-2020-2684", "CVE-2020-2685", "CVE-2020-2686", "CVE-2020-2687", "CVE-2020-2688", "CVE-2020-2689", "CVE-2020-2690", "CVE-2020-2691", "CVE-2020-2692", "CVE-2020-2693", "CVE-2020-2694", "CVE-2020-2695", "CVE-2020-2696", "CVE-2020-2697", "CVE-2020-2698", "CVE-2020-2699", "CVE-2020-2700", "CVE-2020-2701", "CVE-2020-2702", "CVE-2020-2703", "CVE-2020-2704", "CVE-2020-2705", "CVE-2020-2707", "CVE-2020-2709", "CVE-2020-2710", "CVE-2020-2711", "CVE-2020-2712", "CVE-2020-2713", "CVE-2020-2714", "CVE-2020-2715", "CVE-2020-2716", "CVE-2020-2717", "CVE-2020-2718", "CVE-2020-2719", "CVE-2020-2720", "CVE-2020-2721", "CVE-2020-2722", "CVE-2020-2723", "CVE-2020-2724", "CVE-2020-2725", "CVE-2020-2726", "CVE-2020-2727", "CVE-2020-2728", "CVE-2020-2729", "CVE-2020-2730", "CVE-2020-2731", "CVE-2020-6950"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/security-alerts>) for information about Oracle Security Advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 334 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ January 2020 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2627487.1>).\n", "modified": "2020-04-20T00:00:00", "published": "2020-01-14T00:00:00", "id": "ORACLE:CPUJAN2020", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - January 2020", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}