openSUSE Security Update : rust / rust-cbindgen (openSUSE-2020-933)

2020-07-20T00:00:00

Description

This update for rust, rust-cbindgen fixes the following issues : - Updated openssl-src to 1.1.1g for CVE-2020-1967.

{"id": "OPENSUSE-2020-933.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "openSUSE Security Update : rust / rust-cbindgen (openSUSE-2020-933)", "description": "This update for rust, rust-cbindgen fixes the following issues :\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.", "published": "2020-07-20T00:00:00", "modified": "2020-08-13T00:00:00", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "href": "https://www.tenable.com/plugins/nessus/138725", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugzilla.opensuse.org/show_bug.cgi?id=1115645", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967", "https://bugzilla.opensuse.org/show_bug.cgi?id=1173202", "https://bugzilla.opensuse.org/show_bug.cgi?id=1154817"], "cvelist": ["CVE-2020-1967"], "immutableFields": [], "lastseen": "2022-06-16T15:37:44", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-202004-18", "ASA-202004-19"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0407"]}, {"type": "cve", "idList": ["CVE-2020-1967"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4661-1:70270"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-1967"]}, {"type": "f5", "idList": ["F5:K01251345"]}, {"type": "fedora", "idList": ["FEDORA:822D960BF257", "FEDORA:8514B6312F21", "FEDORA:B0BBE6085FBF"]}, {"type": "freebsd", "idList": ["012809CE-83F3-11EA-92AB-00163E433440", "E8483115-8B8E-11EA-BDCF-001B217B3468"]}, {"type": "gentoo", "idList": ["GLSA-202004-10"]}, {"type": "github", "idList": ["GHSA-JQ65-29V4-4X35"]}, {"type": "githubexploit", "idList": ["9D1AE9EC-AAED-5991-9F41-9458ABC7EFC3"]}, {"type": "hackerone", "idList": ["H1:874427"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200715-01-OPENSSL"]}, {"type": "ibm", "idList": ["0EF2B3BEA4403B998499114AE5D3693C840E985B7ECCF95FA6F6834A4F819197", "599FD7C04A9861E581A0889B84F743CE6345EDB3A38453CDF55B29FBE0F03491", "90D59D207E240BE5AC750765C539B8ED7F5604D85518190296B85710EF6190ED", "CD07568ED0ED0755A81F0FAAB2708FA8AAC3BA618A3434B98C44AA7ECD3EE952"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/ALPINE-LINUX-CVE-2020-1967/", "MSF:ILITIES/DEBIAN-CVE-2020-1967/", "MSF:ILITIES/FREEBSD-CVE-2020-1967/", "MSF:ILITIES/GENTOO-LINUX-CVE-2020-1967/", "MSF:ILITIES/HTTP-OPENSSL-CVE-2020-1967/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2020-1967/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2020-1967/", "MSF:ILITIES/ORACLE-MYSQL-CVE-2020-1967/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2020-1967/", "MSF:ILITIES/SUSE-CVE-2020-1967/"]}, {"type": "mscve", "idList": ["MS:ADV200007"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-4661.NASL", "EULEROS_SA-2020-1613.NASL", "EULEROS_SA-2021-1619.NASL", "FEDORA_2020-D7B29838F6.NASL", "FEDORA_2020-DA2D1EF2D7.NASL", "FREEBSD_PKG_012809CE83F311EA92AB00163E433440.NASL", "FREEBSD_PKG_E84831158B8E11EABDCF001B217B3468.NASL", "GENTOO_GLSA-202004-10.NASL", "LCE_6_0_9.NASL", "MYSQL_5_6_49.NASL", "MYSQL_5_7_31.NASL", "MYSQL_8_0_21.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_21_1240.NASL", "OPENSSL_1_1_1G.NASL", "OPENSUSE-2020-945.NASL", "ORACLE_E-BUSINESS_CPU_APR_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_OCT_2020.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2020.NASL", "ORACLE_MYSQL_CONNECTORS_CPU_JUL_2020.NASL", "PHOTONOS_PHSA-2020-3_0-0082_NXTGN.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SUSE_SU-2020-1058-1.NASL", "SUSE_SU-2020-2041-1.NASL", "TENABLE_NESSUS_AGENT_TNS_2020_03.NASL"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2020-1967"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108752", "OPENVAS:1361412562310108753", "OPENVAS:1361412562310704661", "OPENVAS:1361412562310853254", "OPENVAS:1361412562310853258", "OPENVAS:1361412562310877736", "OPENVAS:1361412562310877748", "OPENVAS:1361412562310877816", "OPENVAS:1361412562311220201613"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2021", "ORACLE:CPUJAN2021", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021"]}, {"type": "photon", "idList": ["PHSA-2020-0082", "PHSA-2020-0233", "PHSA-2020-2.0-0233", "PHSA-2020-3.0-0082"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-1967"]}, {"type": "rustsec", "idList": ["RUSTSEC-2020-0015"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0933-1", "OPENSUSE-SU-2020:0945-1"]}, {"type": "symantec", "idList": ["SMNTC-1768"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-1967"]}], "rev": 4}, "score": {"value": 7.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-202004-18", "ASA-202004-19"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-0407"]}, {"type": "cve", "idList": ["CVE-2020-1967"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4661-1:70270"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-1967"]}, {"type": "f5", "idList": ["F5:K01251345"]}, {"type": "fedora", "idList": ["FEDORA:822D960BF257", "FEDORA:8514B6312F21", "FEDORA:B0BBE6085FBF"]}, {"type": "freebsd", "idList": ["012809CE-83F3-11EA-92AB-00163E433440", "E8483115-8B8E-11EA-BDCF-001B217B3468"]}, {"type": "gentoo", "idList": ["GLSA-202004-10"]}, {"type": "github", "idList": ["GHSA-JQ65-29V4-4X35"]}, {"type": "githubexploit", "idList": ["9D1AE9EC-AAED-5991-9F41-9458ABC7EFC3"]}, {"type": "hackerone", "idList": ["H1:874427"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20200715-01-OPENSSL"]}, {"type": "ibm", "idList": ["0EF2B3BEA4403B998499114AE5D3693C840E985B7ECCF95FA6F6834A4F819197", "599FD7C04A9861E581A0889B84F743CE6345EDB3A38453CDF55B29FBE0F03491", "CD07568ED0ED0755A81F0FAAB2708FA8AAC3BA618A3434B98C44AA7ECD3EE952"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/DEBIAN-CVE-2020-1967/"]}, {"type": "mscve", "idList": ["MS:ADV200007"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-4661.NASL", "EULEROS_SA-2020-1613.NASL", "FEDORA_2020-D7B29838F6.NASL", "FEDORA_2020-DA2D1EF2D7.NASL", "FREEBSD_PKG_012809CE83F311EA92AB00163E433440.NASL", "FREEBSD_PKG_E84831158B8E11EABDCF001B217B3468.NASL", "GENTOO_GLSA-202004-10.NASL", "PHOTONOS_PHSA-2020-3_0-0082_NXTGN.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SUSE_SU-2020-1058-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310108752", "OPENVAS:1361412562310108753", "OPENVAS:1361412562310704661", "OPENVAS:1361412562310877736", "OPENVAS:1361412562310877748", "OPENVAS:1361412562310877816", "OPENVAS:1361412562311220201613"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2021"]}, {"type": "photon", "idList": ["PHSA-2020-2.0-0233", "PHSA-2020-3.0-0082"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-1967"]}, {"type": "rustsec", "idList": ["RUSTSEC-2020-0015"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0933-1", "OPENSUSE-SU-2020:0945-1"]}, {"type": "symantec", "idList": ["SMNTC-1768"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-1967"]}]}, "exploitation": null, "vulnersScore": 7.2}, "_state": {"dependencies": 0, "score": 0}, "_internal": {}, "pluginID": "138725", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-933.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138725);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/13\");\n\n script_cve_id(\"CVE-2020-1967\");\n\n script_name(english:\"openSUSE Security Update : rust / rust-cbindgen (openSUSE-2020-933)\");\n script_summary(english:\"Check for the openSUSE-2020-933 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rust, rust-cbindgen fixes the following issues :\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173202\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected rust / rust-cbindgen packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cargo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:clippy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-analysis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-cbindgen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-std-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rustfmt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"cargo-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"clippy-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rls-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rust-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rust-analysis-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rust-gdb-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rust-src-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rust-std-static-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"rustfmt-1.43.1-lp151.5.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"rust-cbindgen-0.14.1-lp151.8.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rust-cbindgen / cargo / clippy / rls / rust / rust-analysis / etc\");\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:opensuse:cargo", "p-cpe:/a:novell:opensuse:clippy", "p-cpe:/a:novell:opensuse:rls", "p-cpe:/a:novell:opensuse:rust", "p-cpe:/a:novell:opensuse:rust-analysis", "p-cpe:/a:novell:opensuse:rust-cbindgen", "p-cpe:/a:novell:opensuse:rust-gdb", "p-cpe:/a:novell:opensuse:rust-src", "p-cpe:/a:novell:opensuse:rust-std-static", "p-cpe:/a:novell:opensuse:rustfmt", "cpe:/o:novell:opensuse:15.1"], "solution": "Update the affected rust / rust-cbindgen packages.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "5.1"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2020-07-06T00:00:00", "vulnerabilityPublicationDate": "2020-04-21T00:00:00", "exploitableWith": []}

{"checkpoint_advisories": [{"lastseen": "2022-02-16T19:39:34", "description": "A NULL pointer dereference vulnerability exists in OpenSSL TLS. Successful exploitation results in a denial of service condition on the affected service.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-06-02T00:00:00", "type": "checkpoint_advisories", "title": "OpenSSL TLS NULL Pointer Dereference Denial of Service (CVE-2020-1967)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-06-02T00:00:00", "id": "CPAI-2020-0407", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:29:25", "description": "Server or client applications that call the SSL_check_chain() function\nduring or after a TLS 1.3 handshake may crash due to a NULL pointer\ndereference as a result of incorrect handling of the\n\"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid\nor unrecognised signature algorithm is received from the peer. This could\nbe exploited by a malicious peer in a Denial of Service attack. OpenSSL\nversion 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue\ndid not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g\n(Affected 1.1.1d-1.1.1f).\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | introduced in 1.1.1d\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T00:00:00", "type": "ubuntucve", "title": "CVE-2020-1967", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-21T00:00:00", "id": "UB:CVE-2020-1967", "href": "https://ubuntu.com/security/CVE-2020-1967", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:58", "description": "Arch Linux Security Advisory ASA-202004-19\n==========================================\n\nSeverity: High\nDate : 2020-04-22\nCVE-ID : CVE-2020-1967\nPackage : lib32-openssl\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1142\n\nSummary\n=======\n\nThe package lib32-openssl before version 1.1.1.g-1 is vulnerable to\ndenial of service.\n\nResolution\n==========\n\nUpgrade to 1.1.1.g-1.\n\n# pacman -Syu \"lib32-openssl>=1.1.1.g-1\"\n\nThe problem has been fixed upstream in version 1.1.1.g.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA NULL pointer dereference has been found in OpenSSL versions 1.1.1d,\n1.1.1e and 1.1.1f. Server or client applications that call the\nSSL_check_chain() function during or after a TLS 1.3 handshake may\ncrash due to a NULL pointer dereference as a result of incorrect\nhandling of the \"signature_algorithms_cert\" TLS extension. The crash\noccurs if an invalid or unrecognised signature algorithm is received\nfrom the peer. This could be exploited by a malicious peer in a Denial\nof Service attack.\n\nImpact\n======\n\nA malicious server or client may crash an openssl/libssl process by\nproviding a maliciously-crafted SSL handshake\n\nReferences\n==========\n\nhttps://www.openssl.org/news/secadv/20200421.txt\nhttps://github.com/openssl/openssl/commit/eb563247aef3e83dda7679c43f9649270462e5b1\nhttps://security.archlinux.org/CVE-2020-1967", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-22T00:00:00", "type": "archlinux", "title": "[ASA-202004-19] lib32-openssl: denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-22T00:00:00", "id": "ASA-202004-19", "href": "https://security.archlinux.org/ASA-202004-19", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-07-28T14:33:58", "description": "Arch Linux Security Advisory ASA-202004-18\n==========================================\n\nSeverity: High\nDate : 2020-04-21\nCVE-ID : CVE-2020-1967\nPackage : openssl\nType : denial of service\nRemote : Yes\nLink : https://security.archlinux.org/AVG-1139\n\nSummary\n=======\n\nThe package openssl before version 1.1.1.g-1 is vulnerable to denial of\nservice.\n\nResolution\n==========\n\nUpgrade to 1.1.1.g-1.\n\n# pacman -Syu \"openssl>=1.1.1.g-1\"\n\nThe problem has been fixed upstream in version 1.1.1.g.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA NULL pointer dereference has been found in OpenSSL versions 1.1.1d,\n1.1.1e and 1.1.1f. Server or client applications that call the\nSSL_check_chain() function during or after a TLS 1.3 handshake may\ncrash due to a NULL pointer dereference as a result of incorrect\nhandling of the \"signature_algorithms_cert\" TLS extension. The crash\noccurs if an invalid or unrecognised signature algorithm is received\nfrom the peer. This could be exploited by a malicious peer in a Denial\nof Service attack.\n\nImpact\n======\n\nA malicious server or client may crash an openssl/libssl process by\nproviding a maliciously-crafted SSL handshake\n\nReferences\n==========\n\nhttps://www.openssl.org/news/secadv/20200421.txt\nhttps://github.com/openssl/openssl/commit/eb563247aef3e83dda7679c43f9649270462e5b1\nhttps://security.archlinux.org/CVE-2020-1967", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T00:00:00", "type": "archlinux", "title": "[ASA-202004-18] openssl: denial of service", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-21T00:00:00", "id": "ASA-202004-18", "href": "https://security.archlinux.org/ASA-202004-18", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:41:14", "description": "An update that solves one vulnerability and has two fixes\n is now available.\n\nDescription:\n\n This update for rust, rust-cbindgen fixes the following issues:\n\n rust was updated for use by Firefox 76ESR.\n\n - Fixed miscompilations with rustc 1.43 that lead to LTO failures\n (bsc#1173202)\n\n Update to version 1.43.1\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\n - Fixed the stabilization of AVX-512 features.\n - Fixed `cargo package --list` not working with unpublished dependencies.\n\n Update to version 1.43.0\n\n + Language:\n\n - Fixed using binary operations with `&{number}` (e.g. `&1.0`) not having\n the type inferred correctly.\n - Attributes such as `#[cfg()]` can now be used on `if` expressions.\n - Syntax only changes:\n * Allow `type Foo: Ord` syntactically.\n * Fuse associated and extern items up to defaultness.\n * Syntactically allow `self` in all `fn` contexts.\n * Merge `fn` syntax + cleanup item parsing.\n * `item` macro fragments can be interpolated into `trait`s, `impl`s, and\n `extern` blocks. For example, you may now write: ```rust macro_rules!\n mac_trait { ($i:item) => { trait T { $i } } } mac_trait! { fn foo() {}\n } ```\n * These are still rejected *semantically*, so you will likely receive an\n error but these changes can be seen and parsed by macros and\n conditional compilation.\n\n + Compiler\n\n - You can now pass multiple lint flags to rustc to override the previous\n flags.\n\n For example; `rustc -D unused -A unused-variables` denies everything in\n the `unused` lint group except `unused-variables` which is explicitly\n allowed. However, passing `rustc -A unused-variables -D unused` denies\n everything in the `unused` lint group **including** `unused-variables`\n since the allow flag is specified before the deny flag (and therefore\n overridden).\n - rustc will now prefer your system MinGW libraries over its bundled\n libraries if they are available on `windows-gnu`.\n - rustc now buffers errors/warnings printed in JSON.\n\n Libraries:\n\n - `Arc<[T; N]>`, `Box<[T; N]>`, and `Rc<[T; N]>`, now implement\n `TryFrom<Arc<[T]>>`,`TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>`\n respectively.\n **Note** These conversions are only available when `N` is `0..=32`.\n - You can now use associated constants on floats and integers directly,\n rather than having to import the module. e.g. You can now write\n `u32::MAX` or `f32::NAN` with no imports.\n - `u8::is_ascii` is now `const`.\n - `String` now implements `AsMut<str>`.\n - Added the `primitive` module to `std` and `core`. This module reexports\n Rust's primitive types. This is mainly useful in macros where you want\n avoid these types being shadowed.\n - Relaxed some of the trait bounds on `HashMap` and `HashSet`.\n - `string::FromUtf8Error` now implements `Clone + Eq`.\n\n + Stabilized APIs\n\n - `Once::is_completed`\n - `f32::LOG10_2`\n - `f32::LOG2_10`\n - `f64::LOG10_2`\n - `f64::LOG2_10`\n - `iter::once_with`\n\n + Cargo\n\n - You can now set config `[profile]`s in your `.cargo/config`,\n or through your environment.\n - Cargo will now set `CARGO_BIN_EXE_<name>` pointing to a binary's\n executable path when running integration tests or benchmarks. `<name>`\n is the name of your binary as-is e.g. If you wanted the executable\n path for a binary named `my-program`you would use\n `env!(\"CARGO_BIN_EXE_my-program\")`.\n\n + Misc\n\n - Certain checks in the `const_err` lint were deemed unrelated to const\n evaluation, and have been moved to the `unconditional_panic` and\n `arithmetic_overflow` lints.\n\n + Compatibility Notes\n\n - Having trailing syntax in the `assert!` macro is now a hard error.\n This has been a warning since 1.36.0.\n - Fixed `Self` not having the correctly inferred type. This incorrectly\n led to some instances being accepted, and now correctly emits a hard\n error.\n\n Update to version 1.42.0:\n\n + Language\n\n - You can now use the slice pattern syntax with subslices.\n - You can now use #[repr(transparent)] on univariant enums. Meaning that\n you can create an enum that has the exact layout and ABI of the type\n it contains.\n - There are some syntax-only changes:\n * default is syntactically allowed before items in trait definitions.\n * Items in impls (i.e. consts, types, and fns) may syntactically leave\n out their bodies in favor of ;.\n * Bounds on associated types in impls are now syntactically allowed\n (e.g. type Foo: Ord;).\n * ... (the C-variadic type) may occur syntactically directly as the\n type of any function parameter. These are still rejected\n semantically, so you will likely receive an error but these changes\n can be seen and parsed by procedural macros and conditional\n compilation.\n\n + Compiler\n\n - Added tier 2 support for armv7a-none-eabi.\n - Added tier 2 support for riscv64gc-unknown-linux-gnu.\n - Option::{expect,unwrap} and Result::{expect, expect_err, unwrap,\n unwrap_err} now produce panic messages pointing to the location where\n they were called, rather than core's internals. Refer to Rust's\n platform support page for more information on Rust's tiered platform\n support.\n\n + Libraries\n\n - iter::Empty<T> now implements Send and Sync for any T.\n - Pin::{map_unchecked, map_unchecked_mut} no longer require the return\n type to implement Sized.\n - io::Cursor now derives PartialEq and Eq.\n - Layout::new is now const.\n - Added Standard Library support for riscv64gc-unknown-linux-gnu.\n\n + Stabilized APIs\n\n - CondVar::wait_while\n - CondVar::wait_timeout_while\n - DebugMap::key\n - DebugMap::value\n - ManuallyDrop::take\n - matches!\n - ptr::slice_from_raw_parts_mut\n - ptr::slice_from_raw_parts\n\n + Cargo\n\n - You no longer need to include extern crate proc_macro; to be able to\n use proc_macro; in the 2018 edition.\n\n + Compatibility Notes\n\n - Error::description has been deprecated, and its use will now produce a\n warning. It's recommended to use Display/to_string instead.\n\n Update to version 1.41.1:\n\n - Always check types of static items\n - Always check lifetime bounds of `Copy` impls\n - Fix miscompilation in callers of `Layout::repeat`\n\n Update to version 1.41.0:\n\n + Language\n\n - You can now pass type parameters to foreign items when implementing\n traits. E.g. You can now write `impl<T> From<Foo> for Vec<T> {}`.\n - You can now arbitrarily nest receiver types in the `self` position.\n E.g. you can now write `fn foo(self: Box<Box<Self>>) {}`. Previously\n only `Self`, `&Self`, `&mut Self`, `Arc<Self>`, `Rc<Self>`, and\n `Box<Self>` were allowed.\n - You can now use any valid identifier in a `format_args` macro.\n Previously identifiers starting with an underscore were not allowed.\n - Visibility modifiers (e.g. `pub`) are now syntactically allowed on\n trait items and enum variants. These are still rejected semantically,\n but can be seen and parsed by procedural macros and conditional\n compilation.\n\n + Compiler\n\n - Rustc will now warn if you have unused loop `'label`s.\n - Removed support for the `i686-unknown-dragonfly` target.\n - Added tier 3 support\\* for the `riscv64gc-unknown-linux-gnu` target.\n - You can now pass an arguments file passing the `@path` syntax to\n rustc. Note that the format differs somewhat from what is found in\n other tooling; please see the documentation for more information.\n - You can now provide `--extern` flag without a path, indicating that it\n is available from the search path or specified with an `-L` flag.\n\n Refer to Rust's [platform support page][forge-platform-support] for more\n information on Rust's tiered platform support.\n\n + Libraries\n\n - The `core::panic` module is now stable. It was already stable through\n `std`.\n - `NonZero*` numerics now implement `From<NonZero*>` if it's a smaller\n integer width. E.g. `NonZeroU16` now implements `From<NonZeroU8>`.\n - `MaybeUninit<T>` now implements `fmt::Debug`.\n\n + Stabilized APIs\n\n - `Result::map_or`\n - `Result::map_or_else`\n - `std::rc::Weak::weak_count`\n - `std::rc::Weak::strong_count`\n - `std::sync::Weak::weak_count`\n - `std::sync::Weak::strong_count`\n\n + Cargo\n\n - Cargo will now document all the private items for binary crates by\n default.\n - `cargo-install` will now reinstall the package if it detects that it\n is out\n of date.\n - Cargo.lock now uses a more git friendly format that should help to\n reduce merge conflicts.\n - You can now override specific dependencies's build settings. E.g.\n `[profile.dev.package.image] opt-level = 2` sets the `image` crate's\n optimisation level to `2` for debug builds. You can also use\n `[profile.<profile>.build-override]` to override build scripts and\n their dependencies.\n\n + Misc\n\n - You can now specify `edition` in documentation code blocks to compile\n the block for that edition. E.g. `edition2018` tells rustdoc that the\n code sample should be compiled the 2018 edition of Rust.\n - You can now provide custom themes to rustdoc with `--theme`, and check\n the current theme with `--check-theme`.\n - You can use `#[cfg(doc)]` to compile an item when building\n documentation.\n\n + Compatibility Notes\n\n - As previously announced 1.41.0 will be the last tier 1 release for\n 32-bit Apple targets. This means that the source code is still\n available to build, but the targets are no longer being tested and\n release binaries for those platforms will no longer be distributed by\n the Rust project. Please refer to the linked blog post for more\n information.\n\n - Bump version of libssh2 for SLE15; we now need a version with\n libssh2_userauth_publickey_frommemory(), which appeared in libssh2 1.6.0.\n\n Update to version 1.40.0\n\n + Language\n\n - You can now use tuple `struct`s and tuple `enum` variant's\n constructors in `const` contexts. e.g. pub struct Point(i32, i32);\n const ORIGIN: Point = { let constructor = Point; constructor(0, 0) };\n - You can now mark `struct`s, `enum`s, and `enum` variants with the\n `#[non_exhaustive]` attribute to indicate that there may be variants\n or fields added in the future. For example this requires adding a\n wild-card branch (`_ => {}`) to any match statements on a\n non-exhaustive `enum`.\n - You can now use function-like procedural macros in `extern` blocks and\n in type positions. e.g. `type Generated = macro!();`\n - Function-like and attribute procedural macros can now emit\n `macro_rules!` items, so you can now have your macros generate macros.\n - The `meta` pattern matcher in `macro_rules!` now correctly matches the\n modern attribute syntax. For example `(#[$m:meta])` now matches\n `#[attr]`, `#[attr{tokens}]`, `#[attr[tokens]]`, and `#[attr(tokens)]`.\n\n + Compiler\n\n - Added tier 3 support\\* for the `thumbv7neon-unknown-linux-musleabihf`\n target.\n - Added tier 3 support for the `aarch64-unknown-none-softfloat` target.\n - Added tier 3 support for the `mips64-unknown-linux-muslabi64`, and\n `mips64el-unknown-linux-muslabi64` targets.\n\n + Libraries\n\n - The `is_power_of_two` method on unsigned numeric types is now a\n `const` function.\n\n + Stabilized APIs\n\n - BTreeMap::get_key_value\n - HashMap::get_key_value\n - Option::as_deref_mut\n - Option::as_deref\n - Option::flatten\n - UdpSocket::peer_addr\n - f32::to_be_bytes\n - f32::to_le_bytes\n - f32::to_ne_bytes\n - f64::to_be_bytes\n - f64::to_le_bytes\n - f64::to_ne_bytes\n - f32::from_be_bytes\n - f32::from_le_bytes\n - f32::from_ne_bytes\n - f64::from_be_bytes\n - f64::from_le_bytes\n - f64::from_ne_bytes\n - mem::take\n - slice::repeat\n - todo!\n\n + Cargo\n\n - Cargo will now always display warnings, rather than only on fresh\n builds.\n - Feature flags (except `--all-features`) passed to a virtual workspace\n will now produce an error. Previously these flags were ignored.\n - You can now publish `dev-dependencies` without including a `version`.\n\n + Misc\n\n - You can now specify the `#[cfg(doctest)]` attribute to include an item\n only when running documentation tests with `rustdoc`.\n\n + Compatibility Notes\n\n - As previously announced, any previous NLL warnings in the 2015 edition\n are now hard errors.\n - The `include!` macro will now warn if it failed to include the entire\n file. The `include!` macro unintentionally only includes the first\n _expression_ in a file, and this can be unintuitive. This will become\n either a hard error in a future release, or the behavior may be fixed\n to include all expressions as expected.\n - Using `#[inline]` on function prototypes and consts now emits a\n warning under `unused_attribute` lint. Using `#[inline]` anywhere else\n inside traits\n or `extern` blocks now correctly emits a hard error.\n\n Update to version 1.39.0\n\n + Language\n\n - You can now create async functions and blocks with async fn, async\n move {}, and async {} respectively, and you can now call .await on\n async expressions.\n - You can now use certain attributes on function, closure, and function\n pointer parameters.\n - You can now take shared references to bind-by-move patterns in the if\n guards of match arms.\n\n + Compiler\n\n - Added tier 3 support for the i686-unknown-uefi target.\n - Added tier 3 support for the sparc64-unknown-openbsd target.\n - rustc will now trim code snippets in diagnostics to fit in your\n terminal.\n - You can now pass --show-output argument to test binaries to print the\n output of successful tests.\n\n + For more details:\n https://github.com/rust-lang/rust/blob/stable/RELEASES.md#version-1390-2019\n -11-07\n\n - Switch to bundled version of libgit2 for now. libgit2-sys seems to\n expect using the bundled variant, which just seems to point to a\n snapshot of the master branch and doesn't match any released libgit2\n (bsc#1154817). See: https://github.com/rust-lang/rust/issues/63476 and\n https://github.com/rust-lang/git2-rs/issues/458 for details.\n\n Update to version 1.38.0\n\n + Language\n\n - The `#[global_allocator]` attribute can now be used in submodules.\n - The `#[deprecated]` attribute can now be used on macros.\n\n + Compiler\n\n - Added pipelined compilation support to `rustc`. This will improve\n compilation times in some cases.\n\n + Libraries\n\n - `ascii::EscapeDefault` now implements `Clone` and `Display`.\n - Derive macros for prelude traits (e.g. `Clone`, `Debug`, `Hash`) are\n now available at the same path as the trait. (e.g. The `Clone` derive\n macro is available at `std::clone::Clone`). This also makes all\n built-in macros available in `std`/`core` root. e.g.\n `std::include_bytes!`.\n - `str::Chars` now implements `Debug`.\n - `slice::{concat, connect, join}` now accepts `&[T]` in addition to\n `&T`.\n - `*const T` and `*mut T` now implement `marker::Unpin`.\n - `Arc<[T]>` and `Rc<[T]>` now implement `FromIterator<T>`.\n - Added euclidean remainder and division operations (`div_euclid`,\n `rem_euclid`) to all numeric primitives. Additionally `checked`,\n `overflowing`, and `wrapping` versions are available for all integer\n primitives.\n - `thread::AccessError` now implements `Clone`, `Copy`, `Eq`, `Error`,\n and `PartialEq`.\n - `iter::{StepBy, Peekable, Take}` now implement `DoubleEndedIterator`.\n\n + Stabilized APIs\n\n - `<*const T>::cast`\n - `<*mut T>::cast`\n - `Duration::as_secs_f32`\n - `Duration::as_secs_f64`\n - `Duration::div_f32`\n - `Duration::div_f64`\n - `Duration::from_secs_f32`\n - `Duration::from_secs_f64`\n - `Duration::mul_f32`\n - `Duration::mul_f64`\n - `any::type_name`\n\n + Cargo\n\n - Added pipelined compilation support to `cargo`.\n - You can now pass the `--features` option multiple times to enable\n multiple features.\n\n + Misc\n\n - `rustc` will now warn about some incorrect uses of\n `mem::{uninitialized, zeroed}` that are known to cause undefined\n behaviour.\n\n Update to version 1.37.0\n\n + Language\n\n - #[must_use] will now warn if the type is contained in a tuple, Box,\n or an array and unused.\n - You can now use the `cfg` and `cfg_attr` attributes on generic\n parameters.\n - You can now use enum variants through type alias. e.g. You can write\n the following: ``` type MyOption = Option<u8>; fn\n increment_or_zero(x: MyOption) -> u8 { match x { MyOption::Some(y)\n => y + 1, MyOption::None => 0, } } ```\n - You can now use `_` as an identifier for consts. e.g. You can write\n `const _: u32 = 5;`.\n - You can now use `#[repr(align(X)]` on enums.\n - The `?` Kleene macro operator is now available in the 2015 edition.\n\n + Compiler\n\n - You can now enable Profile-Guided Optimization with the `-C\n profile-generate` and `-C profile-use` flags. For more information\n on how to use profile guided optimization, please refer to the rustc\n book.\n - The `rust-lldb` wrapper script should now work again.\n\n + Libraries\n\n - `mem::MaybeUninit<T>` is now ABI-compatible with `T`.\n\n + Stabilized APIs\n\n - BufReader::buffer\n - BufWriter::buffer\n - Cell::from_mut\n - Cell<[T]>::as_slice_of_cells\n - Cell<slice>::as_slice_of_cells\n - DoubleEndedIterator::nth_back\n - Option::xor\n - Wrapping::reverse_bits\n - i128::reverse_bits\n - i16::reverse_bits\n - i32::reverse_bits\n - i64::reverse_bits\n - i8::reverse_bits\n - isize::reverse_bits\n - slice::copy_within\n - u128::reverse_bits\n - u16::reverse_bits\n - u32::reverse_bits\n - u64::reverse_bits\n - u8::reverse_bits\n - usize::reverse_bits\n\n + Cargo\n\n - Cargo.lock files are now included by default when publishing\n executable crates with executables.\n - You can now specify `default-run=\"foo\"` in `[package]` to specify\n the default executable to use for `cargo run`.\n - cargo-vendor is now provided as a sub-command of cargo\n\n + Compatibility Notes\n\n - Using `...` for inclusive range patterns will now warn by default.\n Please transition your code to using the `..=` syntax for inclusive\n ranges instead.\n - Using a trait object without the `dyn` will now warn by default.\n Please transition your code to use `dyn Trait` for trait objects\n instead. Crab(String), Lobster(String), Person(String), let state =\n Creature::Crab(\"Ferris\"); if let Creature::Crab(name) |\n Creature::Person(name) = state { println!(\"This creature's name is:\n {}\", name); } unsafe { foo() } pub fn new(x: i32, y: i32) -> Self {\n Self(x, y) } pub fn is_origin(&self) -> bool { match self { Self(0,\n 0) => true, _ => false, } } Self: PartialOrd<Self> // can write\n `Self` instead of `List<T>` Nil, Cons(T, Box<Self>) // likewise here\n fn test(&self) { println!(\"one\"); } //~ ERROR duplicate definitions\n with name `test` fn test(&self) { println!(\"two\"); }\n\n * Basic procedural macros allowing custom `#[derive]`, aka \"macros 1.1\",\n are stable. This allows popular code-generating crates like Serde and\n Diesel to work ergonomically. [RFC 1681].\n * [Tuple structs may be empty. Unary and empty tuple structs may be\n instantiated with curly braces][36868]. Part of [RFC 1506].\n * [A number of minor changes to name resolution have been\n activated][37127]. They add up to more consistent semantics, allowing\n for future evolution of Rust macros. Specified in [RFC 1560], see its\n section on [\"changes\"] for details of what is different. The breaking\n changes here have been transitioned through the [`legacy_imports`] lint\n since 1.14, with no known regressions.\n * [In `macro_rules`, `path` fragments can now be parsed as type parameter\n bounds][38279]\n * [`?Sized` can be used in `where` clauses][37791]\n * [There is now a limit on the size of monomorphized types and it can be\n modified with the `#![type_size_limit]` crate attribute, similarly to\n the `#![recursion_limit]` attribute][37789]\n * [On Windows, the compiler will apply dllimport attributes when linking\n to extern functions][37973]. Additional attributes and flags can control\n which library kind is linked and its name. [RFC 1717].\n * [Rust-ABI symbols are no longer exported from cdylibs][38117]\n * [The `--test` flag works with procedural macro crates][38107]\n * [Fix `extern \"aapcs\" fn` ABI][37814]\n * [The `-C no-stack-check` flag is deprecated][37636]. It does nothing.\n * [The `format!` expander recognizes incorrect `printf` and shell-style\n formatting directives and suggests the correct format][37613].\n * [Only report one error for all unused imports in an import list][37456]\n * [Avoid unnecessary `mk_ty` calls in `Ty::super_fold_with`][37705]\n * [Avoid more unnecessary `mk_ty` calls in `Ty::super_fold_with`][37979]\n * [Don't clone in `UnificationTable::probe`][37848]\n * [Remove `scope_auxiliary` to cut RSS by 10%][37764]\n * [Use small vectors in type walker][37760]\n * [Macro expansion performance was improved][37701]\n * [Change `HirVec<P<T>>` to `HirVec<T>` in `hir::Expr`][37642]\n * [Replace FNV with a faster hash function][37229]\n https://raw.githubusercontent.com/rust-lang/rust/master/RELEASES.md\n\n rust-cbindgen is shipped in version 0.14.1.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2020-945=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-07T00:00:00", "type": "suse", "title": "Security update for rust, rust-cbindgen (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-07T00:00:00", "id": "OPENSUSE-SU-2020:0945-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7Z5FNEN6ESZTK5WIFX2ODDNYYHFYUJ3Z/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-18T12:41:14", "description": "An update that solves one vulnerability and has two fixes\n is now available.\n\nDescription:\n\n This update for rust, rust-cbindgen fixes the following issues:\n\n rust was updated for use by Firefox 76ESR.\n\n - Fixed miscompilations with rustc 1.43 that lead to LTO failures\n (bsc#1173202)\n\n Update to version 1.43.1\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\n - Fixed the stabilization of AVX-512 features.\n - Fixed `cargo package --list` not working with unpublished dependencies.\n\n Update to version 1.43.0\n\n + Language:\n\n - Fixed using binary operations with `&{number}` (e.g. `&1.0`) not having\n the type inferred correctly.\n - Attributes such as `#[cfg()]` can now be used on `if` expressions.\n - Syntax only changes:\n * Allow `type Foo: Ord` syntactically.\n * Fuse associated and extern items up to defaultness.\n * Syntactically allow `self` in all `fn` contexts.\n * Merge `fn` syntax + cleanup item parsing.\n * `item` macro fragments can be interpolated into `trait`s, `impl`s, and\n `extern` blocks. For example, you may now write: ```rust macro_rules!\n mac_trait { ($i:item) => { trait T { $i } } } mac_trait! { fn foo() {}\n } ```\n * These are still rejected *semantically*, so you will likely receive an\n error but these changes can be seen and parsed by macros and\n conditional compilation.\n\n + Compiler\n\n - You can now pass multiple lint flags to rustc to override the previous\n flags.\n\n For example; `rustc -D unused -A unused-variables` denies everything in\n the `unused` lint group except `unused-variables` which is explicitly\n allowed. However, passing `rustc -A unused-variables -D unused` denies\n everything in the `unused` lint group **including** `unused-variables`\n since the allow flag is specified before the deny flag (and therefore\n overridden).\n - rustc will now prefer your system MinGW libraries over its bundled\n libraries if they are available on `windows-gnu`.\n - rustc now buffers errors/warnings printed in JSON.\n\n Libraries:\n\n - `Arc<[T; N]>`, `Box<[T; N]>`, and `Rc<[T; N]>`, now implement\n `TryFrom<Arc<[T]>>`,`TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>`\n respectively.\n **Note** These conversions are only available when `N` is `0..=32`.\n - You can now use associated constants on floats and integers directly,\n rather than having to import the module. e.g. You can now write\n `u32::MAX` or `f32::NAN` with no imports.\n - `u8::is_ascii` is now `const`.\n - `String` now implements `AsMut<str>`.\n - Added the `primitive` module to `std` and `core`. This module reexports\n Rust's primitive types. This is mainly useful in macros where you want\n avoid these types being shadowed.\n - Relaxed some of the trait bounds on `HashMap` and `HashSet`.\n - `string::FromUtf8Error` now implements `Clone + Eq`.\n\n + Stabilized APIs\n\n - `Once::is_completed`\n - `f32::LOG10_2`\n - `f32::LOG2_10`\n - `f64::LOG10_2`\n - `f64::LOG2_10`\n - `iter::once_with`\n\n + Cargo\n\n - You can now set config `[profile]`s in your `.cargo/config`,\n or through your environment.\n - Cargo will now set `CARGO_BIN_EXE_<name>` pointing to a binary's\n executable path when running integration tests or benchmarks. `<name>`\n is the name of your binary as-is e.g. If you wanted the executable\n path for a binary named `my-program`you would use\n `env!(\"CARGO_BIN_EXE_my-program\")`.\n\n + Misc\n\n - Certain checks in the `const_err` lint were deemed unrelated to const\n evaluation, and have been moved to the `unconditional_panic` and\n `arithmetic_overflow` lints.\n\n + Compatibility Notes\n\n - Having trailing syntax in the `assert!` macro is now a hard error.\n This has been a warning since 1.36.0.\n - Fixed `Self` not having the correctly inferred type. This incorrectly\n led to some instances being accepted, and now correctly emits a hard\n error.\n\n Update to version 1.42.0:\n\n + Language\n\n - You can now use the slice pattern syntax with subslices.\n - You can now use #[repr(transparent)] on univariant enums. Meaning that\n you can create an enum that has the exact layout and ABI of the type\n it contains.\n - There are some syntax-only changes:\n * default is syntactically allowed before items in trait definitions.\n * Items in impls (i.e. consts, types, and fns) may syntactically leave\n out their bodies in favor of ;.\n * Bounds on associated types in impls are now syntactically allowed\n (e.g. type Foo: Ord;).\n * ... (the C-variadic type) may occur syntactically directly as the\n type of any function parameter. These are still rejected\n semantically, so you will likely receive an error but these changes\n can be seen and parsed by procedural macros and conditional\n compilation.\n\n + Compiler\n\n - Added tier 2 support for armv7a-none-eabi.\n - Added tier 2 support for riscv64gc-unknown-linux-gnu.\n - Option::{expect,unwrap} and Result::{expect, expect_err, unwrap,\n unwrap_err} now produce panic messages pointing to the location where\n they were called, rather than core's internals. Refer to Rust's\n platform support page for more information on Rust's tiered platform\n support.\n\n + Libraries\n\n - iter::Empty<T> now implements Send and Sync for any T.\n - Pin::{map_unchecked, map_unchecked_mut} no longer require the return\n type to implement Sized.\n - io::Cursor now derives PartialEq and Eq.\n - Layout::new is now const.\n - Added Standard Library support for riscv64gc-unknown-linux-gnu.\n\n + Stabilized APIs\n\n - CondVar::wait_while\n - CondVar::wait_timeout_while\n - DebugMap::key\n - DebugMap::value\n - ManuallyDrop::take\n - matches!\n - ptr::slice_from_raw_parts_mut\n - ptr::slice_from_raw_parts\n\n + Cargo\n\n - You no longer need to include extern crate proc_macro; to be able to\n use proc_macro; in the 2018 edition.\n\n + Compatibility Notes\n\n - Error::description has been deprecated, and its use will now produce a\n warning. It's recommended to use Display/to_string instead.\n\n Update to version 1.41.1:\n\n - Always check types of static items\n - Always check lifetime bounds of `Copy` impls\n - Fix miscompilation in callers of `Layout::repeat`\n\n Update to version 1.41.0:\n\n + Language\n\n - You can now pass type parameters to foreign items when implementing\n traits. E.g. You can now write `impl<T> From<Foo> for Vec<T> {}`.\n - You can now arbitrarily nest receiver types in the `self` position.\n E.g. you can now write `fn foo(self: Box<Box<Self>>) {}`. Previously\n only `Self`, `&Self`, `&mut Self`, `Arc<Self>`, `Rc<Self>`, and\n `Box<Self>` were allowed.\n - You can now use any valid identifier in a `format_args` macro.\n Previously identifiers starting with an underscore were not allowed.\n - Visibility modifiers (e.g. `pub`) are now syntactically allowed on\n trait items and enum variants. These are still rejected semantically,\n but can be seen and parsed by procedural macros and conditional\n compilation.\n\n + Compiler\n\n - Rustc will now warn if you have unused loop `'label`s.\n - Removed support for the `i686-unknown-dragonfly` target.\n - Added tier 3 support\\* for the `riscv64gc-unknown-linux-gnu` target.\n - You can now pass an arguments file passing the `@path` syntax to\n rustc. Note that the format differs somewhat from what is found in\n other tooling; please see the documentation for more information.\n - You can now provide `--extern` flag without a path, indicating that it\n is available from the search path or specified with an `-L` flag.\n\n Refer to Rust's [platform support page][forge-platform-support] for more\n information on Rust's tiered platform support.\n\n + Libraries\n\n - The `core::panic` module is now stable. It was already stable through\n `std`.\n - `NonZero*` numerics now implement `From<NonZero*>` if it's a smaller\n integer width. E.g. `NonZeroU16` now implements `From<NonZeroU8>`.\n - `MaybeUninit<T>` now implements `fmt::Debug`.\n\n + Stabilized APIs\n\n - `Result::map_or`\n - `Result::map_or_else`\n - `std::rc::Weak::weak_count`\n - `std::rc::Weak::strong_count`\n - `std::sync::Weak::weak_count`\n - `std::sync::Weak::strong_count`\n\n + Cargo\n\n - Cargo will now document all the private items for binary crates by\n default.\n - `cargo-install` will now reinstall the package if it detects that it\n is out\n of date.\n - Cargo.lock now uses a more git friendly format that should help to\n reduce merge conflicts.\n - You can now override specific dependencies's build settings. E.g.\n `[profile.dev.package.image] opt-level = 2` sets the `image` crate's\n optimisation level to `2` for debug builds. You can also use\n `[profile.<profile>.build-override]` to override build scripts and\n their dependencies.\n\n + Misc\n\n - You can now specify `edition` in documentation code blocks to compile\n the block for that edition. E.g. `edition2018` tells rustdoc that the\n code sample should be compiled the 2018 edition of Rust.\n - You can now provide custom themes to rustdoc with `--theme`, and check\n the current theme with `--check-theme`.\n - You can use `#[cfg(doc)]` to compile an item when building\n documentation.\n\n + Compatibility Notes\n\n - As previously announced 1.41.0 will be the last tier 1 release for\n 32-bit Apple targets. This means that the source code is still\n available to build, but the targets are no longer being tested and\n release binaries for those platforms will no longer be distributed by\n the Rust project. Please refer to the linked blog post for more\n information.\n\n - Bump version of libssh2 for SLE15; we now need a version with\n libssh2_userauth_publickey_frommemory(), which appeared in libssh2 1.6.0.\n\n Update to version 1.40.0\n\n + Language\n\n - You can now use tuple `struct`s and tuple `enum` variant's\n constructors in `const` contexts. e.g. pub struct Point(i32, i32);\n const ORIGIN: Point = { let constructor = Point; constructor(0, 0) };\n - You can now mark `struct`s, `enum`s, and `enum` variants with the\n `#[non_exhaustive]` attribute to indicate that there may be variants\n or fields added in the future. For example this requires adding a\n wild-card branch (`_ => {}`) to any match statements on a\n non-exhaustive `enum`.\n - You can now use function-like procedural macros in `extern` blocks and\n in type positions. e.g. `type Generated = macro!();`\n - Function-like and attribute procedural macros can now emit\n `macro_rules!` items, so you can now have your macros generate macros.\n - The `meta` pattern matcher in `macro_rules!` now correctly matches the\n modern attribute syntax. For example `(#[$m:meta])` now matches\n `#[attr]`, `#[attr{tokens}]`, `#[attr[tokens]]`, and `#[attr(tokens)]`.\n\n + Compiler\n\n - Added tier 3 support\\* for the `thumbv7neon-unknown-linux-musleabihf`\n target.\n - Added tier 3 support for the `aarch64-unknown-none-softfloat` target.\n - Added tier 3 support for the `mips64-unknown-linux-muslabi64`, and\n `mips64el-unknown-linux-muslabi64` targets.\n\n + Libraries\n\n - The `is_power_of_two` method on unsigned numeric types is now a\n `const` function.\n\n + Stabilized APIs\n\n - BTreeMap::get_key_value\n - HashMap::get_key_value\n - Option::as_deref_mut\n - Option::as_deref\n - Option::flatten\n - UdpSocket::peer_addr\n - f32::to_be_bytes\n - f32::to_le_bytes\n - f32::to_ne_bytes\n - f64::to_be_bytes\n - f64::to_le_bytes\n - f64::to_ne_bytes\n - f32::from_be_bytes\n - f32::from_le_bytes\n - f32::from_ne_bytes\n - f64::from_be_bytes\n - f64::from_le_bytes\n - f64::from_ne_bytes\n - mem::take\n - slice::repeat\n - todo!\n\n + Cargo\n\n - Cargo will now always display warnings, rather than only on fresh\n builds.\n - Feature flags (except `--all-features`) passed to a virtual workspace\n will now produce an error. Previously these flags were ignored.\n - You can now publish `dev-dependencies` without including a `version`.\n\n + Misc\n\n - You can now specify the `#[cfg(doctest)]` attribute to include an item\n only when running documentation tests with `rustdoc`.\n\n + Compatibility Notes\n\n - As previously announced, any previous NLL warnings in the 2015 edition\n are now hard errors.\n - The `include!` macro will now warn if it failed to include the entire\n file. The `include!` macro unintentionally only includes the first\n _expression_ in a file, and this can be unintuitive. This will become\n either a hard error in a future release, or the behavior may be fixed\n to include all expressions as expected.\n - Using `#[inline]` on function prototypes and consts now emits a\n warning under `unused_attribute` lint. Using `#[inline]` anywhere else\n inside traits\n or `extern` blocks now correctly emits a hard error.\n\n Update to version 1.39.0\n\n + Language\n\n - You can now create async functions and blocks with async fn, async\n move {}, and async {} respectively, and you can now call .await on\n async expressions.\n - You can now use certain attributes on function, closure, and function\n pointer parameters.\n - You can now take shared references to bind-by-move patterns in the if\n guards of match arms.\n\n + Compiler\n\n - Added tier 3 support for the i686-unknown-uefi target.\n - Added tier 3 support for the sparc64-unknown-openbsd target.\n - rustc will now trim code snippets in diagnostics to fit in your\n terminal.\n - You can now pass --show-output argument to test binaries to print the\n output of successful tests.\n\n + For more details:\n https://github.com/rust-lang/rust/blob/stable/RELEASES.md#version-1390-2019\n -11-07\n\n - Switch to bundled version of libgit2 for now. libgit2-sys seems to\n expect using the bundled variant, which just seems to point to a\n snapshot of the master branch and doesn't match any released libgit2\n (bsc#1154817). See: https://github.com/rust-lang/rust/issues/63476 and\n https://github.com/rust-lang/git2-rs/issues/458 for details.\n\n Update to version 1.38.0\n\n + Language\n\n - The `#[global_allocator]` attribute can now be used in submodules.\n - The `#[deprecated]` attribute can now be used on macros.\n\n + Compiler\n\n - Added pipelined compilation support to `rustc`. This will improve\n compilation times in some cases.\n\n + Libraries\n\n - `ascii::EscapeDefault` now implements `Clone` and `Display`.\n - Derive macros for prelude traits (e.g. `Clone`, `Debug`, `Hash`) are\n now available at the same path as the trait. (e.g. The `Clone` derive\n macro is available at `std::clone::Clone`). This also makes all\n built-in macros available in `std`/`core` root. e.g.\n `std::include_bytes!`.\n - `str::Chars` now implements `Debug`.\n - `slice::{concat, connect, join}` now accepts `&[T]` in addition to\n `&T`.\n - `*const T` and `*mut T` now implement `marker::Unpin`.\n - `Arc<[T]>` and `Rc<[T]>` now implement `FromIterator<T>`.\n - Added euclidean remainder and division operations (`div_euclid`,\n `rem_euclid`) to all numeric primitives. Additionally `checked`,\n `overflowing`, and `wrapping` versions are available for all integer\n primitives.\n - `thread::AccessError` now implements `Clone`, `Copy`, `Eq`, `Error`,\n and `PartialEq`.\n - `iter::{StepBy, Peekable, Take}` now implement `DoubleEndedIterator`.\n\n + Stabilized APIs\n\n - `<*const T>::cast`\n - `<*mut T>::cast`\n - `Duration::as_secs_f32`\n - `Duration::as_secs_f64`\n - `Duration::div_f32`\n - `Duration::div_f64`\n - `Duration::from_secs_f32`\n - `Duration::from_secs_f64`\n - `Duration::mul_f32`\n - `Duration::mul_f64`\n - `any::type_name`\n\n + Cargo\n\n - Added pipelined compilation support to `cargo`.\n - You can now pass the `--features` option multiple times to enable\n multiple features.\n\n + Misc\n\n - `rustc` will now warn about some incorrect uses of\n `mem::{uninitialized, zeroed}` that are known to cause undefined\n behaviour.\n\n Update to version 1.37.0\n\n + Language\n\n - #[must_use] will now warn if the type is contained in a tuple, Box,\n or an array and unused.\n - You can now use the `cfg` and `cfg_attr` attributes on generic\n parameters.\n - You can now use enum variants through type alias. e.g. You can write\n the following: ``` type MyOption = Option<u8>; fn\n increment_or_zero(x: MyOption) -> u8 { match x { MyOption::Some(y)\n => y + 1, MyOption::None => 0, } } ```\n - You can now use `_` as an identifier for consts. e.g. You can write\n `const _: u32 = 5;`.\n - You can now use `#[repr(align(X)]` on enums.\n - The `?` Kleene macro operator is now available in the 2015 edition.\n\n + Compiler\n\n - You can now enable Profile-Guided Optimization with the `-C\n profile-generate` and `-C profile-use` flags. For more information\n on how to use profile guided optimization, please refer to the rustc\n book.\n - The `rust-lldb` wrapper script should now work again.\n\n + Libraries\n\n - `mem::MaybeUninit<T>` is now ABI-compatible with `T`.\n\n + Stabilized APIs\n\n - BufReader::buffer\n - BufWriter::buffer\n - Cell::from_mut\n - Cell<[T]>::as_slice_of_cells\n - Cell<slice>::as_slice_of_cells\n - DoubleEndedIterator::nth_back\n - Option::xor\n - Wrapping::reverse_bits\n - i128::reverse_bits\n - i16::reverse_bits\n - i32::reverse_bits\n - i64::reverse_bits\n - i8::reverse_bits\n - isize::reverse_bits\n - slice::copy_within\n - u128::reverse_bits\n - u16::reverse_bits\n - u32::reverse_bits\n - u64::reverse_bits\n - u8::reverse_bits\n - usize::reverse_bits\n\n + Cargo\n\n - Cargo.lock files are now included by default when publishing\n executable crates with executables.\n - You can now specify `default-run=\"foo\"` in `[package]` to specify\n the default executable to use for `cargo run`.\n - cargo-vendor is now provided as a sub-command of cargo\n\n + Compatibility Notes\n\n - Using `...` for inclusive range patterns will now warn by default.\n Please transition your code to using the `..=` syntax for inclusive\n ranges instead.\n - Using a trait object without the `dyn` will now warn by default.\n Please transition your code to use `dyn Trait` for trait objects\n instead. Crab(String), Lobster(String), Person(String), let state =\n Creature::Crab(\"Ferris\"); if let Creature::Crab(name) |\n Creature::Person(name) = state { println!(\"This creature's name is:\n {}\", name); } unsafe { foo() } pub fn new(x: i32, y: i32) -> Self {\n Self(x, y) } pub fn is_origin(&self) -> bool { match self { Self(0,\n 0) => true, _ => false, } } Self: PartialOrd<Self> // can write\n `Self` instead of `List<T>` Nil, Cons(T, Box<Self>) // likewise here\n fn test(&self) { println!(\"one\"); } //~ ERROR duplicate definitions\n with name `test` fn test(&self) { println!(\"two\"); }\n\n * Basic procedural macros allowing custom `#[derive]`, aka \"macros 1.1\",\n are stable. This allows popular code-generating crates like Serde and\n Diesel to work ergonomically. [RFC 1681].\n * [Tuple structs may be empty. Unary and empty tuple structs may be\n instantiated with curly braces][36868]. Part of [RFC 1506].\n * [A number of minor changes to name resolution have been\n activated][37127]. They add up to more consistent semantics, allowing\n for future evolution of Rust macros. Specified in [RFC 1560], see its\n section on [\"changes\"] for details of what is different. The breaking\n changes here have been transitioned through the [`legacy_imports`] lint\n since 1.14, with no known regressions.\n * [In `macro_rules`, `path` fragments can now be parsed as type parameter\n bounds][38279]\n * [`?Sized` can be used in `where` clauses][37791]\n * [There is now a limit on the size of monomorphized types and it can be\n modified with the `#![type_size_limit]` crate attribute, similarly to\n the `#![recursion_limit]` attribute][37789]\n * [On Windows, the compiler will apply dllimport attributes when linking\n to extern functions][37973]. Additional attributes and flags can control\n which library kind is linked and its name. [RFC 1717].\n * [Rust-ABI symbols are no longer exported from cdylibs][38117]\n * [The `--test` flag works with procedural macro crates][38107]\n * [Fix `extern \"aapcs\" fn` ABI][37814]\n * [The `-C no-stack-check` flag is deprecated][37636]. It does nothing.\n * [The `format!` expander recognizes incorrect `printf` and shell-style\n formatting directives and suggests the correct format][37613].\n * [Only report one error for all unused imports in an import list][37456]\n * [Avoid unnecessary `mk_ty` calls in `Ty::super_fold_with`][37705]\n * [Avoid more unnecessary `mk_ty` calls in `Ty::super_fold_with`][37979]\n * [Don't clone in `UnificationTable::probe`][37848]\n * [Remove `scope_auxiliary` to cut RSS by 10%][37764]\n * [Use small vectors in type walker][37760]\n * [Macro expansion performance was improved][37701]\n * [Change `HirVec<P<T>>` to `HirVec<T>` in `hir::Expr`][37642]\n * [Replace FNV with a faster hash function][37229]\n https://raw.githubusercontent.com/rust-lang/rust/master/RELEASES.md\n\n rust-cbindgen is shipped in version 0.14.1.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-933=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-06T00:00:00", "type": "suse", "title": "Security update for rust, rust-cbindgen (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-06T00:00:00", "id": "OPENSUSE-SU-2020:0933-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/F5H7V5OW6UBVFHCH47YCKODMLJ7D63J7/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:31", "description": "\n\nProblem Description:\nServer or client applications that call the SSL_check_chain()\n\tfunction during or after a TLS 1.3 handshake may crash due to a NULL\n\tpointer dereference as a result of incorrect handling of the\n\t\"signature_algorithms_cert\" TLS extension. The crash occurs if an\n\tinvalid or unrecognized signature algorithm is received from the\n\tpeer.\nImpact:\nA malicious peer could exploit the NULL pointer dereference crash,\n\tcausing a denial of service attack.\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T00:00:00", "type": "freebsd", "title": "OpenSSL remote denial of service vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-22T00:00:00", "id": "012809CE-83F3-11EA-92AB-00163E433440", "href": "https://vuxml.freebsd.org/freebsd/012809ce-83f3-11ea-92ab-00163e433440.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-01-19T15:51:31", "description": "\n\nGitlab reports:\n\nPath Traversal in NuGet Package Registry\nWorkhorse Bypass Leads to File Disclosure\nOAuth Application Client Secrets Revealed\nCode Owners Approval Rules Are Not Updated for Existing Merge Requests When Source Branch Changes\nCode Owners Protection Not Enforced from Web UI\nRepository Mirror Passwords Exposed To Maintainers\nAdmin Audit Log Page Denial of Service\nPrivate Project ID Revealed Through Group API\nElasticsearch Credentials Logged to ELK\nGitHub Personal Access Token Exposed on Integrations Page\nUpdate Nokogiri dependency\nUpdate OpenSSL Dependency\nUpdate git\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-30T00:00:00", "type": "freebsd", "title": "Gitlab -- Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10187", "CVE-2020-11008", "CVE-2020-12448", "CVE-2020-1967", "CVE-2020-7595"], "modified": "2020-04-30T00:00:00", "id": "E8483115-8B8E-11EA-BDCF-001B217B3468", "href": "https://vuxml.freebsd.org/freebsd/e8483115-8b8e-11ea-bdcf-001b217b3468.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "openvas": [{"lastseen": "2020-05-08T09:09:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-22T00:00:00", "type": "openvas", "title": "Debian: Security Advisory for openssl (DSA-4661-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-05-05T00:00:00", "id": "OPENVAS:1361412562310704661", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704661", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704661\");\n script_version(\"2020-05-05T07:00:07+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-05 07:00:07 +0000 (Tue, 05 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-22 03:00:04 +0000 (Wed, 22 Apr 2020)\");\n script_name(\"Debian: Security Advisory for openssl (DSA-4661-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4661.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4661-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the DSA-4661-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Bernd Edlinger discovered that malformed data passed to the\nSSL_check_chain() function during or after a TLS 1.3 handshake could\ncause a NULL dereference, resulting in denial of service.\n\nThe oldstable distribution (stretch) is not affected.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), this problem has been fixed in\nversion 1.1.1d-0+deb10u3.\n\nWe recommend that you upgrade your openssl packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.1.1d-0+deb10u3\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-doc\", ver:\"1.1.1d-0+deb10u3\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.1\", ver:\"1.1.1d-0+deb10u3\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openssl\", ver:\"1.1.1d-0+deb10u3\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T19:27:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-07-07T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0933-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-09T00:00:00", "id": "OPENVAS:1361412562310853254", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853254", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853254\");\n script_version(\"2020-07-09T12:15:58+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-09 12:15:58 +0000 (Thu, 09 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-07 03:01:09 +0000 (Tue, 07 Jul 2020)\");\n script_name(\"openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0933-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0933-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00004.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rust, '\n package(s) announced via the openSUSE-SU-2020:0933-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for rust, rust-cbindgen fixes the following issues:\n\n rust was updated for use by Firefox 76ESR.\n\n - Fixed miscompilations with rustc 1.43 that lead to LTO failures\n (bsc#1173202)\n\n Update to version 1.43.1\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\n\n - Fixed the stabilization of AVX-512 features.\n\n - Fixed `cargo package --list` not working with unpublished dependencies.\n\n Update to version 1.43.0\n\n + Language:\n\n - Fixed using binary operations with `&{number}` (e.g. `&1.0`) not having\n the type inferred correctly.\n\n - Attributes such as `#[cfg()]` can now be used on `if` expressions.\n\n - Syntax only changes:\n\n * Allow `type Foo: Ord` syntactically.\n\n * Fuse associated and extern items up to defaultness.\n\n * Syntactically allow `self` in all `fn` contexts.\n\n * Merge `fn` syntax + cleanup item parsing.\n\n * `item` macro fragments can be interpolated into `trait`s, `impl`s, and\n `extern` blocks. For example, you may now write: ```rust macro_rules!\n mac_trait { ($i:item) => { trait T { $i } } } mac_trait! { fn foo() {}\n } ```\n\n * These are still rejected *semantically*, so you will likely receive an\n error but these changes can be seen and parsed by macros and\n conditional compilation.\n\n + Compiler\n\n - You can now pass multiple lint flags to rustc to override the previous\n flags.\n\n For example, `rustc -D unused -A unused-variables` denies everything in\n the `unused` lint group except `unused-variables` which is explicitly\n allowed. However, passing `rustc -A unused-variables -D unused` denies\n everything in the `unused` lint group **including** `unused-variables`\n since the allow flag is specified before the deny flag (and therefore\n overridden).\n\n - rustc will now prefer your system MinGW libraries over its bundled\n libraries if they are available on `windows-gnu`.\n\n - rustc now buffers errors/warnings printed in JSON.\n\n Libraries:\n\n - `Arc<[T, N]>`, `Box<[T, N]>`, and `Rc<[T, N]>`, now implement\n `TryFrom<Arc<[T]>>`, `TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>`\n respectively.\n **Note** These conversions are only available when `N` is `0..=32`.\n\n - You can now use associated constants on floats and integers directly,\n rather than having to import the module. e.g. You can now write\n `u32::MAX` or `f32::NAN` with no imports.\n\n - `u8::is_ascii` is now `const`.\n\n - `String` now implements `AsMut<str>`.\n\n - Added the `primitive` module to `std` and `core`. This module reexports\n Rust's primitive types. This is mainly useful in macros where you want\n avoid these types being shadowed.\n\n - Relaxed some of the trait bounds on `HashMap` and `HashSe ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'rust, ' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo\", rpm:\"cargo~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clippy\", rpm:\"clippy~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rls\", rpm:\"rls~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust\", rpm:\"rust~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-analysis\", rpm:\"rust-analysis~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-doc\", rpm:\"rust-doc~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-gdb\", rpm:\"rust-gdb~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-std-static\", rpm:\"rust-std-static~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rustfmt\", rpm:\"rustfmt~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo-doc\", rpm:\"cargo-doc~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-src\", rpm:\"rust-src~1.43.1~lp151.5.13.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ust-cbindgen\", rpm:\"ust-cbindgen~0.14.1~lp151.8.2\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-01T18:47:17", "description": "OpenSSL server or client applications are prone to a\n denial-of-service vulnerability.", "cvss3": {}, "published": "2020-04-22T00:00:00", "type": "openvas", "title": "OpenSSL: Segmentation fault in SSL_check_chain (CVE-2020-1967) (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-22T00:00:00", "id": "OPENVAS:1361412562310108752", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108752", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108752\");\n script_version(\"2020-04-22T06:06:21+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-22 06:06:21 +0000 (Wed, 22 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-22 06:05:59 +0000 (Wed, 22 Apr 2020)\");\n script_name(\"OpenSSL: Segmentation fault in SSL_check_chain (CVE-2020-1967) (Windows)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_win.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_windows\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20200421.txt\");\n script_xref(name:\"URL\", value:\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1\");\n\n script_tag(name:\"summary\", value:\"OpenSSL server or client applications are prone to a\n denial-of-service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Server or client applications that call the SSL_check_chain() function\n during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect\n handling of the 'signature_algorithms_cert' TLS extension. The crash occurs if an invalid or unrecognised\n signature algorithm is received from the peer.\");\n\n script_tag(name:\"impact\", value:\"This could be exploited by a malicious peer in a Denial of\n Service attack.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions 1.1.1d, 1.1.1e, and 1.1.1f.\n\n This issue does not impact OpenSSL versions prior to 1.1.1d.\");\n\n script_tag(name:\"solution\", value:\"Update OpenSSL to version 1.1.1g or later. See the references for more details.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif( version_in_range( version:vers, test_version:\"1.1.1d\", test_version2:\"1.1.1f\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.1.1g\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-06-04T15:49:11", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl111d (EulerOS-SA-2020-1613)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562311220201613", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201613", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1613\");\n script_version(\"2020-06-03T06:06:05+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 06:06:05 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 06:06:05 +0000 (Wed, 03 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl111d (EulerOS-SA-2020-1613)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1613\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1613\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl111d' package(s) announced via the EulerOS-SA-2020-1613 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the 'signature_algorithms_cert' TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).(CVE-2020-1967)\");\n\n script_tag(name:\"affected\", value:\"'openssl111d' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d\", rpm:\"openssl111d~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d-devel\", rpm:\"openssl111d-devel~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d-libs\", rpm:\"openssl111d-libs~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl111d-static\", rpm:\"openssl111d-static~1.1.1d~2.h6.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T19:30:41", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-07-08T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0945-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-09T00:00:00", "id": "OPENVAS:1361412562310853258", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853258", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853258\");\n script_version(\"2020-07-09T12:15:58+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-07-09 12:15:58 +0000 (Thu, 09 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-08 03:04:04 +0000 (Wed, 08 Jul 2020)\");\n script_name(\"openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0945-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.2\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0945-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00011.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rust, '\n package(s) announced via the openSUSE-SU-2020:0945-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for rust, rust-cbindgen fixes the following issues:\n\n rust was updated for use by Firefox 76ESR.\n\n - Fixed miscompilations with rustc 1.43 that lead to LTO failures\n (bsc#1173202)\n\n Update to version 1.43.1\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\n\n - Fixed the stabilization of AVX-512 features.\n\n - Fixed `cargo package --list` not working with unpublished dependencies.\n\n Update to version 1.43.0\n\n + Language:\n\n - Fixed using binary operations with `&{number}` (e.g. `&1.0`) not having\n the type inferred correctly.\n\n - Attributes such as `#[cfg()]` can now be used on `if` expressions.\n\n - Syntax only changes:\n\n * Allow `type Foo: Ord` syntactically.\n\n * Fuse associated and extern items up to defaultness.\n\n * Syntactically allow `self` in all `fn` contexts.\n\n * Merge `fn` syntax + cleanup item parsing.\n\n * `item` macro fragments can be interpolated into `trait`s, `impl`s, and\n `extern` blocks. For example, you may now write: ```rust macro_rules!\n mac_trait { ($i:item) => { trait T { $i } } } mac_trait! { fn foo() {}\n } ```\n\n * These are still rejected *semantically*, so you will likely receive an\n error but these changes can be seen and parsed by macros and\n conditional compilation.\n\n + Compiler\n\n - You can now pass multiple lint flags to rustc to override the previous\n flags.\n\n For example, `rustc -D unused -A unused-variables` denies everything in\n the `unused` lint group except `unused-variables` which is explicitly\n allowed. However, passing `rustc -A unused-variables -D unused` denies\n everything in the `unused` lint group **including** `unused-variables`\n since the allow flag is specified before the deny flag (and therefore\n overridden).\n\n - rustc will now prefer your system MinGW libraries over its bundled\n libraries if they are available on `windows-gnu`.\n\n - rustc now buffers errors/warnings printed in JSON.\n\n Libraries:\n\n - `Arc<[T, N]>`, `Box<[T, N]>`, and `Rc<[T, N]>`, now implement\n `TryFrom<Arc<[T]>>`, `TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>`\n respectively.\n **Note** These conversions are only available when `N` is `0..=32`.\n\n - You can now use associated constants on floats and integers directly,\n rather than having to import the module. e.g. You can now write\n `u32::MAX` or `f32::NAN` with no imports.\n\n - `u8::is_ascii` is now `const`.\n\n - `String` now implements `AsMut<str>`.\n\n - Added the `primitive` module to `std` and `core`. This module reexports\n Rust's primitive types. This is mainly useful in macros where you want\n avoid these types being shadowed.\n\n - Relaxed some of the trait bounds on `HashMap` and `HashSe ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'rust, ' package(s) on openSUSE Leap 15.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo\", rpm:\"cargo~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clippy\", rpm:\"clippy~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rls\", rpm:\"rls~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust\", rpm:\"rust~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-analysis\", rpm:\"rust-analysis~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-doc\", rpm:\"rust-doc~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-gdb\", rpm:\"rust-gdb~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-std-static\", rpm:\"rust-std-static~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rustfmt\", rpm:\"rustfmt~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cargo-doc\", rpm:\"cargo-doc~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rust-src\", rpm:\"rust-src~1.43.1~lp152.3.5.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ust-cbindgen\", rpm:\"ust-cbindgen~0.14.1~lp152.2.4.1\", rls:\"openSUSELeap15.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-01T18:47:17", "description": "OpenSSL server or client applications are prone to a\n denial-of-service vulnerability.", "cvss3": {}, "published": "2020-04-22T00:00:00", "type": "openvas", "title": "OpenSSL: Segmentation fault in SSL_check_chain (CVE-2020-1967) (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-22T00:00:00", "id": "OPENVAS:1361412562310108753", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310108753", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:openssl:openssl\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.108753\");\n script_version(\"2020-04-22T06:06:21+0000\");\n script_cve_id(\"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-22 06:06:21 +0000 (Wed, 22 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-22 06:05:59 +0000 (Wed, 22 Apr 2020)\");\n script_name(\"OpenSSL: Segmentation fault in SSL_check_chain (CVE-2020-1967) (Linux)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_openssl_detect.nasl\", \"gb_openssl_detect_lin.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"openssl/detected\", \"Host/runs_unixoide\");\n\n script_xref(name:\"URL\", value:\"https://www.openssl.org/news/secadv/20200421.txt\");\n script_xref(name:\"URL\", value:\"https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=eb563247aef3e83dda7679c43f9649270462e5b1\");\n\n script_tag(name:\"summary\", value:\"OpenSSL server or client applications are prone to a\n denial-of-service vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Server or client applications that call the SSL_check_chain() function\n during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect\n handling of the 'signature_algorithms_cert' TLS extension. The crash occurs if an invalid or unrecognised\n signature algorithm is received from the peer.\");\n\n script_tag(name:\"impact\", value:\"This could be exploited by a malicious peer in a Denial of\n Service attack.\");\n\n script_tag(name:\"affected\", value:\"OpenSSL versions 1.1.1d, 1.1.1e, and 1.1.1f.\n\n This issue does not impact OpenSSL versions prior to 1.1.1d.\");\n\n script_tag(name:\"solution\", value:\"Update OpenSSL to version 1.1.1g or later. See the references for more details.\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( isnull( port = get_app_port( cpe:CPE ) ) )\n exit( 0 );\n\nif( ! infos = get_app_version_and_location( cpe:CPE, port:port, exit_no_version:TRUE ) )\n exit( 0 );\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif( version_in_range( version:vers, test_version:\"1.1.1d\", test_version2:\"1.1.1f\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.1.1g\", install_path:path );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-06T01:03:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for openssl (FEDORA-2020-fcc91a28e8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2019-1551"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310877736", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877736", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877736\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:14:49 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for openssl (FEDORA-2020-fcc91a28e8)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-fcc91a28e8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2020-fcc91a28e8 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1g~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-18T15:23:06", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-11T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for openssl (FEDORA-2020-d7b29838f6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2019-1551"], "modified": "2020-05-15T00:00:00", "id": "OPENVAS:1361412562310877816", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877816", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877816\");\n script_version(\"2020-05-15T04:25:55+0000\");\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-15 04:25:55 +0000 (Fri, 15 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-11 03:22:27 +0000 (Mon, 11 May 2020)\");\n script_name(\"Fedora: Security Advisory for openssl (FEDORA-2020-d7b29838f6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-d7b29838f6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2020-d7b29838f6 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1g~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-05-06T00:57:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for openssl (FEDORA-2020-da2d1ef2d7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2019-1551"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562310877748", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877748", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877748\");\n script_version(\"2020-04-30T08:51:29+0000\");\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 08:51:29 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 03:15:21 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for openssl (FEDORA-2020-da2d1ef2d7)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-da2d1ef2d7\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the FEDORA-2020-da2d1ef2d7 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The OpenSSL toolkit provides support for secure communications between\nmachines. OpenSSL includes a certificate management tool and shared\nlibraries which provide various cryptographic algorithms and\nprotocols.\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.1.1g~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "mscve": [{"lastseen": "2021-12-06T18:25:11", "description": "Microsoft is aware of a publicly disclosed remote denial of service vulnerability for OpenSSL version 1.1.1d and newer. Previous versions prior to 1.1.1d are unaffected.\n\nThe vulnerability is fixed in version 1.1.1g. For more information, please see the [OpenSSL security advisory](<https://www.openssl.org/news/secadv/20200421.txt>).\n\nMicrosoft has confirmed Windows is not affected by this vulnerability. We are currently investigating the wider impact and are applying mitigations to services as needed.\n\n## Recommended Actions\n\nIf you are running a Linux VM or have installed any products that use OpenSSL on Azure, please review the version on your system. We recommend that you check the security blog for the distro you are using.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T07:00:00", "type": "mscve", "title": "OpenSSL Remote Denial of Service Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-22T07:00:00", "id": "MS:ADV200007", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV200007", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-06-16T15:33:03", "description": "Bernd Edlinger discovered that malformed data passed to the SSL_check_chain() function during or after a TLS 1.3 handshake could cause a NULL dereference, resulting in denial of service.\n\nThe oldstable distribution (stretch) is not affected.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "Debian DSA-4661-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DSA-4661.NASL", "href": "https://www.tenable.com/plugins/nessus/135879", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4661. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135879);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2020-1967\");\n script_xref(name:\"DSA\", value:\"4661\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"Debian DSA-4661-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Bernd Edlinger discovered that malformed data passed to the\nSSL_check_chain() function during or after a TLS 1.3 handshake could\ncause a NULL dereference, resulting in denial of service.\n\nThe oldstable distribution (stretch) is not affected.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4661\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.1.1d-0+deb10u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1967\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.1d-0+deb10u3\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-dev\", reference:\"1.1.1d-0+deb10u3\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl-doc\", reference:\"1.1.1d-0+deb10u3\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1\", reference:\"1.1.1d-0+deb10u3\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.1d-0+deb10u3\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"openssl\", reference:\"1.1.1d-0+deb10u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:36:56", "description": "According to the version of the openssl111d packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the 'signature_algorithms_cert' TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).(CVE-2020-1967)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-06-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : openssl111d (EulerOS-SA-2020-1613)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl111d", "p-cpe:/a:huawei:euleros:openssl111d-devel", "p-cpe:/a:huawei:euleros:openssl111d-libs", "p-cpe:/a:huawei:euleros:openssl111d-static", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1613.NASL", "href": "https://www.tenable.com/plugins/nessus/137031", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137031);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-1967\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"EulerOS 2.0 SP5 : openssl111d (EulerOS-SA-2020-1613)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the openssl111d packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - Server or client applications that call the\n SSL_check_chain() function during or after a TLS 1.3\n handshake may crash due to a NULL pointer dereference\n as a result of incorrect handling of the\n 'signature_algorithms_cert' TLS extension. The crash\n occurs if an invalid or unrecognised signature\n algorithm is received from the peer. This could be\n exploited by a malicious peer in a Denial of Service\n attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are\n affected by this issue. This issue did not affect\n OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL\n 1.1.1g (Affected 1.1.1d-1.1.1f).(CVE-2020-1967)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1613\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a2892df8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl111d package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1967\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl111d-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl111d-1.1.1d-2.h6.eulerosv2r7\",\n \"openssl111d-devel-1.1.1d-2.h6.eulerosv2r7\",\n \"openssl111d-libs-1.1.1d-2.h6.eulerosv2r7\",\n \"openssl111d-static-1.1.1d-2.h6.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl111d\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:38:37", "description": "This update for rust, rust-cbindgen fixes the following issues :\n\nrust was updated for use by Firefox 76ESR.\n\nFixed miscompilations with rustc 1.43 that lead to LTO failures (bsc#1173202)\n\nUpdate to version 1.43.1\n\nUpdated openssl-src to 1.1.1g for CVE-2020-1967.\n\nFixed the stabilization of AVX-512 features.\n\nFixed `cargo package --list` not working with unpublished dependencies.\n\nUpdate to version 1.43.0\n\nLanguage :\n\nFixed using binary operations with `&{number}` (e.g. `&1.0`) not having the type inferred correctly.\n\nAttributes such as `#[cfg()]` can now be used on `if` expressions.\n\nSyntax only changes :\n\n - Allow `type Foo: Ord` syntactically.\n\n - Fuse associated and extern items up to defaultness.\n\n - Syntactically allow `self` in all `fn` contexts.\n\n - Merge `fn` syntax + cleanup item parsing.\n\n - `item` macro fragments can be interpolated into `trait`s, `impl`s, and `extern` blocks. For example, you may now write: ```rust macro_rules! mac_trait { ($i:item) => { trait T { $i } } } mac_trait! { fn foo() {} } ```\n\n - These are still rejected *semantically*, so you will likely receive an error but these changes can be seen and parsed by macros and conditional compilation.\n\nCompiler\n\nYou can now pass multiple lint flags to rustc to override the previous flags.\n\nFor example; `rustc -D unused -A unused-variables` denies everything in the `unused` lint group except `unused-variables` which is explicitly allowed. However, passing `rustc -A unused-variables -D unused` denies everything in the `unused` lint group **including** `unused-variables` since the allow flag is specified before the deny flag (and therefore overridden). rustc will now prefer your system MinGW libraries over its bundled libraries if they are available on `windows-gnu`.\n\nrustc now buffers errors/warnings printed in JSON.\n\nLibraries :\n\n`Arc<[T; N]>`, `Box<[T; N]>`, and `Rc<[T; N]>`, now implement `TryFrom<Arc<[T]>>`,`TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>` respectively.\n\n**Note** These conversions are only available when `N` is `0..=32`.\n\nYou can now use associated constants on floats and integers directly, rather than having to import the module. e.g. You can now write `u32::MAX` or `f32::NAN` with no imports.\n\n`u8::is_ascii` is now `const`.\n\n`String` now implements `AsMut<str>`.\n\nAdded the `primitive` module to `std` and `core`. This module reexports Rust's primitive types. This is mainly useful in macros where you want avoid these types being shadowed.\n\nRelaxed some of the trait bounds on `HashMap` and `HashSet`.\n\n`string::FromUtf8Error` now implements `Clone + Eq`.\n\nStabilized APIs\n\n`Once::is_completed`\n\n`f32::LOG10_2`\n\n`f32::LOG2_10`\n\n`f64::LOG10_2`\n\n`f64::LOG2_10`\n\n`iter::once_with`\n\nCargo\n\n - You can now set config `[profile]`s in your `.cargo/config`, or through your environment.\n\n - Cargo will now set `CARGO_BIN_EXE_<name>` pointing to a binary's executable path when running integration tests or benchmarks. `<name>` is the name of your binary as-is e.g. If you wanted the executable path for a binary named `my-program`you would use `env!('CARGO_BIN_EXE_my-program')`.\n\nMisc\n\n - Certain checks in the `const_err` lint were deemed unrelated to const evaluation, and have been moved to the `unconditional_panic` and `arithmetic_overflow` lints.\n\nCompatibility Notes\n\n - Having trailing syntax in the `assert!` macro is now a hard error. This has been a warning since 1.36.0.\n\n - Fixed `Self` not having the correctly inferred type.\n This incorrectly led to some instances being accepted, and now correctly emits a hard error.\n\nUpdate to version 1.42.0 :\n\nLanguage\n\n - You can now use the slice pattern syntax with subslices.\n\n - You can now use #[repr(transparent)] on univariant enums. Meaning that you can create an enum that has the exact layout and ABI of the type it contains.\n\n - There are some syntax-only changes :\n\n - default is syntactically allowed before items in trait definitions.\n\n - Items in impls (i.e. consts, types, and fns) may syntactically leave out their bodies in favor of ;.\n\n - Bounds on associated types in impls are now syntactically allowed (e.g. type Foo: Ord;).\n\n - ... (the C-variadic type) may occur syntactically directly as the type of any function parameter. These are still rejected semantically, so you will likely receive an error but these changes can be seen and parsed by procedural macros and conditional compilation.\n\nCompiler\n\n - Added tier 2 support for armv7a-none-eabi.\n\n - Added tier 2 support for riscv64gc-unknown-linux-gnu.\n\n - Option::{expect,unwrap} and Result::{expect, expect_err, unwrap, unwrap_err} now produce panic messages pointing to the location where they were called, rather than core's internals. Refer to Rust's platform support page for more information on Rust's tiered platform support.\n\nLibraries\n\n - iter::Empty<T> now implements Send and Sync for any T.\n\n - Pin::{map_unchecked, map_unchecked_mut} no longer require the return type to implement Sized.\n\n - io::Cursor now derives PartialEq and Eq.\n\n - Layout::new is now const.\n\n - Added Standard Library support for riscv64gc-unknown-linux-gnu.\n\nStabilized APIs\n\n - CondVar::wait_while\n\n - CondVar::wait_timeout_while\n\n - DebugMap::key\n\n - DebugMap::value\n\n - ManuallyDrop::take\n\n - matches!\n\n - ptr::slice_from_raw_parts_mut\n\n - ptr::slice_from_raw_parts\n\nCargo\n\n - You no longer need to include extern crate proc_macro;\n to be able to use proc_macro; in the 2018 edition.\n\nCompatibility Notes\n\n - Error::description has been deprecated, and its use will now produce a warning. It's recommended to use Display/to_string instead.\n\nUpdate to version 1.41.1 :\n\n - Always check types of static items\n\n - Always check lifetime bounds of `Copy` impls\n\n - Fix miscompilation in callers of `Layout::repeat`\n\nUpdate to version 1.41.0 :\n\nLanguage\n\n - You can now pass type parameters to foreign items when implementing traits. E.g. You can now write `impl<T> From<Foo> for Vec<T> {}`.\n\n - You can now arbitrarily nest receiver types in the `self` position. E.g. you can now write `fn foo(self:\n Box<Box<Self>>) {}`. Previously only `Self`, `&Self`, `&mut Self`, `Arc<Self>`, `Rc<Self>`, and `Box<Self>` were allowed.\n\n - You can now use any valid identifier in a `format_args` macro. Previously identifiers starting with an underscore were not allowed.\n\n - Visibility modifiers (e.g. `pub`) are now syntactically allowed on trait items and enum variants. These are still rejected semantically, but can be seen and parsed by procedural macros and conditional compilation.\n\nCompiler\n\n - Rustc will now warn if you have unused loop `'label`s.\n\n - Removed support for the `i686-unknown-dragonfly` target.\n\n - Added tier 3 support\\* for the `riscv64gc-unknown-linux-gnu` target.\n\n - You can now pass an arguments file passing the `@path` syntax to rustc. Note that the format differs somewhat from what is found in other tooling; please see the documentation for more information.\n\n - You can now provide `--extern` flag without a path, indicating that it is available from the search path or specified with an `-L` flag.\n\n Refer to Rust's [platform support page][forge-platform-support] for more information on Rust's tiered platform support.\n\nLibraries\n\n - The `core::panic` module is now stable. It was already stable through `std`.\n\n - `NonZero*` numerics now implement `From<NonZero*>` if it's a smaller integer width. E.g. `NonZeroU16` now implements `From<NonZeroU8>`.\n\n - `MaybeUninit<T>` now implements `fmt::Debug`.\n\nStabilized APIs\n\n - `Result::map_or`\n\n - `Result::map_or_else`\n\n - `std::rc::Weak::weak_count`\n\n - `std::rc::Weak::strong_count`\n\n - `std::sync::Weak::weak_count`\n\n - `std::sync::Weak::strong_count`\n\nCargo\n\n - Cargo will now document all the private items for binary crates by default.\n\n - `cargo-install` will now reinstall the package if it detects that it is out of date.\n\n - Cargo.lock now uses a more git friendly format that should help to reduce merge conflicts.\n\n - You can now override specific dependencies's build settings. E.g. `[profile.dev.package.image] opt-level = 2` sets the `image` crate's optimisation level to `2` for debug builds. You can also use `[profile.<profile>.build-override]` to override build scripts and their dependencies.\n\nMisc\n\n - You can now specify `edition` in documentation code blocks to compile the block for that edition. E.g.\n `edition2018` tells rustdoc that the code sample should be compiled the 2018 edition of Rust.\n\n - You can now provide custom themes to rustdoc with `--theme`, and check the current theme with `--check-theme`.\n\n - You can use `#[cfg(doc)]` to compile an item when building documentation.\n\nCompatibility Notes\n\n - As previously announced 1.41.0 will be the last tier 1 release for 32-bit Apple targets. This means that the source code is still available to build, but the targets are no longer being tested and release binaries for those platforms will no longer be distributed by the Rust project. Please refer to the linked blog post for more information.\n\nBump version of libssh2 for SLE15; we now need a version with libssh2_userauth_publickey_frommemory(), which appeared in libssh2 1.6.0.\n\nUpdate to version 1.40.0\n\nLanguage\n\n - You can now use tuple `struct`s and tuple `enum` variant's constructors in `const` contexts. e.g. pub struct Point(i32, i32); const ORIGIN: Point = { let constructor = Point; constructor(0, 0) };\n\n - You can now mark `struct`s, `enum`s, and `enum` variants with the `#[non_exhaustive]` attribute to indicate that there may be variants or fields added in the future. For example this requires adding a wild-card branch (`_ => {}`) to any match statements on a non-exhaustive `enum`.\n\n - You can now use function-like procedural macros in `extern` blocks and in type positions. e.g. `type Generated = macro!();`\n\n - Function-like and attribute procedural macros can now emit `macro_rules!` items, so you can now have your macros generate macros.\n\n - The `meta` pattern matcher in `macro_rules!` now correctly matches the modern attribute syntax. For example `(#[$m:meta])` now matches `#[attr]`, `#[attr{tokens}]`, `#[attr[tokens]]`, and `#[attr(tokens)]`.\n\nCompiler\n\n - Added tier 3 support\\* for the `thumbv7neon-unknown-linux-musleabihf` target.\n\n - Added tier 3 support for the `aarch64-unknown-none-softfloat` target.\n\n - Added tier 3 support for the `mips64-unknown-linux-muslabi64`, and `mips64el-unknown-linux-muslabi64` targets.\n\nLibraries\n\n - The `is_power_of_two` method on unsigned numeric types is now a `const` function.\n\nStabilized APIs\n\n - BTreeMap::get_key_value\n\n - HashMap::get_key_value\n\n - Option::as_deref_mut\n\n - Option::as_deref\n\n - Option::flatten\n\n - UdpSocket::peer_addr\n\n - f32::to_be_bytes\n\n - f32::to_le_bytes\n\n - f32::to_ne_bytes\n\n - f64::to_be_bytes\n\n - f64::to_le_bytes\n\n - f64::to_ne_bytes\n\n - f32::from_be_bytes\n\n - f32::from_le_bytes\n\n - f32::from_ne_bytes\n\n - f64::from_be_bytes\n\n - f64::from_le_bytes\n\n - f64::from_ne_bytes\n\n - mem::take\n\n - slice::repeat\n\n - todo!\n\nCargo\n\n - Cargo will now always display warnings, rather than only on fresh builds.\n\n - Feature flags (except `--all-features`) passed to a virtual workspace will now produce an error. Previously these flags were ignored.\n\n - You can now publish `dev-dependencies` without including a `version`.\n\nMisc\n\n - You can now specify the `#[cfg(doctest)]` attribute to include an item only when running documentation tests with `rustdoc`.\n\nCompatibility Notes\n\n - As previously announced, any previous NLL warnings in the 2015 edition are now hard errors.\n\n - The `include!` macro will now warn if it failed to include the entire file. The `include!` macro unintentionally only includes the first _expression_ in a file, and this can be unintuitive. This will become either a hard error in a future release, or the behavior may be fixed to include all expressions as expected.\n\n - Using `#[inline]` on function prototypes and consts now emits a warning under `unused_attribute` lint. Using `#[inline]` anywhere else inside traits or `extern` blocks now correctly emits a hard error.\n\nUpdate to version 1.39.0\n\nLanguage\n\n - You can now create async functions and blocks with async fn, async move {}, and async {} respectively, and you can now call .await on async expressions.\n\n - You can now use certain attributes on function, closure, and function pointer parameters.\n\n - You can now take shared references to bind-by-move patterns in the if guards of match arms.\n\nCompiler\n\n - Added tier 3 support for the i686-unknown-uefi target.\n\n - Added tier 3 support for the sparc64-unknown-openbsd target.\n\n - rustc will now trim code snippets in diagnostics to fit in your terminal.\n\n - You can now pass --show-output argument to test binaries to print the output of successful tests.\n\nFor more details :\n\nhttps://github.com/rust-lang/rust/blob/stable/RELEASES.md#version-1390\n-2019\n\n-11-07\n\nSwitch to bundled version of libgit2 for now. libgit2-sys seems to expect using the bundled variant, which just seems to point to a snapshot of the master branch and doesn't match any released libgit2 (bsc#1154817). See: https://github.com/rust-lang/rust/issues/63476 and https://github.com/rust-lang/git2-rs/issues/458 for details.\n\nUpdate to version 1.38.0\n\nLanguage\n\n - The `#[global_allocator]` attribute can now be used in submodules.\n\n - The `#[deprecated]` attribute can now be used on macros.\n\nCompiler\n\n - Added pipelined compilation support to `rustc`. This will improve compilation times in some cases.\n\nLibraries\n\n - `ascii::EscapeDefault` now implements `Clone` and `Display`.\n\n - Derive macros for prelude traits (e.g. `Clone`, `Debug`, `Hash`) are now available at the same path as the trait.\n (e.g. The `Clone` derive macro is available at `std::clone::Clone`). This also makes all built-in macros available in `std`/`core` root. e.g.\n `std::include_bytes!`.\n\n - `str::Chars` now implements `Debug`.\n\n - `slice::{concat, connect, join}` now accepts `&[T]` in addition to `&T`.\n\n - `*const T` and `*mut T` now implement `marker::Unpin`.\n\n - `Arc<[T]>` and `Rc<[T]>` now implement `FromIterator<T>`.\n\n - Added euclidean remainder and division operations (`div_euclid`, `rem_euclid`) to all numeric primitives.\n Additionally `checked`, `overflowing`, and `wrapping` versions are available for all integer primitives.\n\n - `thread::AccessError` now implements `Clone`, `Copy`, `Eq`, `Error`, and `PartialEq`.\n\n - `iter::{StepBy, Peekable, Take}` now implement `DoubleEndedIterator`.\n\nStabilized APIs\n\n - `<*const T>::cast`\n\n - `<*mut T>::cast`\n\n - `Duration::as_secs_f32`\n\n - `Duration::as_secs_f64`\n\n - `Duration::div_f32`\n\n - `Duration::div_f64`\n\n - `Duration::from_secs_f32`\n\n - `Duration::from_secs_f64`\n\n - `Duration::mul_f32`\n\n - `Duration::mul_f64`\n\n - `any::type_name`\n\nCargo\n\n - Added pipelined compilation support to `cargo`.\n\n - You can now pass the `--features` option multiple times to enable multiple features.\n\nMisc\n\n - `rustc` will now warn about some incorrect uses of `mem::{uninitialized, zeroed}` that are known to cause undefined behaviour.\n\nUpdate to version 1.37.0\n\n + Language\n\n - #[must_use] will now warn if the type is contained in a tuple, Box, or an array and unused.\n\n - You can now use the `cfg` and `cfg_attr` attributes on generic parameters.\n\n - You can now use enum variants through type alias. e.g.\n You can write the following: ``` type MyOption = Option<u8>; fn increment_or_zero(x: MyOption) -> u8 { match x { MyOption::Some(y) => y + 1, MyOption::None => 0, } } ```\n\n - You can now use `_` as an identifier for consts. e.g.\n You can write `const _: u32 = 5;`.\n\n - You can now use `#[repr(align(X)]` on enums.\n\n - The `?` Kleene macro operator is now available in the 2015 edition.\n\n + Compiler\n\n - You can now enable Profile-Guided Optimization with the `-C profile-generate` and `-C profile-use` flags. For more information on how to use profile guided optimization, please refer to the rustc book.\n\n - The `rust-lldb` wrapper script should now work again.\n\n + Libraries\n\n - `mem::MaybeUninit<T>` is now ABI-compatible with `T`.\n\n + Stabilized APIs\n\n - BufReader::buffer\n\n - BufWriter::buffer\n\n - Cell::from_mut\n\n - Cell<[T]>::as_slice_of_cells\n\n - Cell<slice>::as_slice_of_cells\n\n - DoubleEndedIterator::nth_back\n\n - Option::xor\n\n - Wrapping::reverse_bits\n\n - i128::reverse_bits\n\n - i16::reverse_bits\n\n - i32::reverse_bits\n\n - i64::reverse_bits\n\n - i8::reverse_bits\n\n - isize::reverse_bits\n\n - slice::copy_within\n\n - u128::reverse_bits\n\n - u16::reverse_bits\n\n - u32::reverse_bits\n\n - u64::reverse_bits\n\n - u8::reverse_bits\n\n - usize::reverse_bits\n\n + Cargo\n\n - Cargo.lock files are now included by default when publishing executable crates with executables.\n\n - You can now specify `default-run='foo'` in `[package]` to specify the default executable to use for `cargo run`.\n\n - cargo-vendor is now provided as a sub-command of cargo\n\n + Compatibility Notes\n\n - Using `...` for inclusive range patterns will now warn by default. Please transition your code to using the `..=` syntax for inclusive ranges instead.\n\n - Using a trait object without the `dyn` will now warn by default. Please transition your code to use `dyn Trait` for trait objects instead. Crab(String), Lobster(String), Person(String), let state = Creature::Crab('Ferris'); if let Creature::Crab(name) | Creature::Person(name) = state { println!('This creature's name is: {}', name); } unsafe { foo() } pub fn new(x: i32, y: i32) -> Self { Self(x, y) } pub fn is_origin(&self) -> bool { match self { Self(0, 0) => true, _ => false, } } Self: PartialOrd<Self> // can write `Self` instead of `List<T>` Nil, Cons(T, Box<Self>) // likewise here fn test(&self) { println!('one'); } //~ ERROR duplicate definitions with name `test` fn test(&self) { println!('two'); }\n\nBasic procedural macros allowing custom `#[derive]`, aka 'macros 1.1', are stable. This allows popular code-generating crates like Serde and Diesel to work ergonomically. [RFC 1681].\n\n[Tuple structs may be empty. Unary and empty tuple structs may be instantiated with curly braces][36868]. Part of [RFC 1506].\n\n[A number of minor changes to name resolution have been activated][37127]. They add up to more consistent semantics, allowing for future evolution of Rust macros. Specified in [RFC 1560], see its section on ['changes'] for details of what is different. The breaking changes here have been transitioned through the [`legacy_imports`] lint since 1.14, with no known regressions.\n\n[In `macro_rules`, `path` fragments can now be parsed as type parameter bounds][38279]\n\n[`?Sized` can be used in `where` clauses][37791]\n\n[There is now a limit on the size of monomorphized types and it can be modified with the `#![type_size_limit]` crate attribute, similarly to the `#![recursion_limit]` attribute][37789]\n\n[On Windows, the compiler will apply dllimport attributes when linking to extern functions][37973]. Additional attributes and flags can control which library kind is linked and its name. [RFC 1717].\n\n[Rust-ABI symbols are no longer exported from cdylibs][38117]\n\n[The `--test` flag works with procedural macro crates][38107]\n\n[Fix `extern 'aapcs' fn` ABI][37814]\n\n[The `-C no-stack-check` flag is deprecated][37636]. It does nothing.\n\n[The `format!` expander recognizes incorrect `printf` and shell-style formatting directives and suggests the correct format][37613].\n\n[Only report one error for all unused imports in an import list][37456]\n\n[Avoid unnecessary `mk_ty` calls in `Ty::super_fold_with`][37705]\n\n[Avoid more unnecessary `mk_ty` calls in `Ty::super_fold_with`][37979]\n\n[Don't clone in `UnificationTable::probe`][37848]\n\n[Remove `scope_auxiliary` to cut RSS by 10%][37764]\n\n[Use small vectors in type walker][37760]\n\n[Macro expansion performance was improved][37701]\n\n[Change `HirVec<P<T>>` to `HirVec<T>` in `hir::Expr`][37642]\n\n[Replace FNV with a faster hash function][37229] https://raw.githubusercontent.com/rust-lang/rust/master/RELEASES.md\n\nrust-cbindgen is shipped in version 0.14.1.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-27T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : rust, rust-cbindgen (SUSE-SU-2020:2041-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-08-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:cargo", "p-cpe:/a:novell:suse_linux:cargo-debuginfo", "p-cpe:/a:novell:suse_linux:clippy", "p-cpe:/a:novell:suse_linux:clippy-debuginfo", "p-cpe:/a:novell:suse_linux:rls", "p-cpe:/a:novell:suse_linux:rls-debuginfo", "p-cpe:/a:novell:suse_linux:rust", "p-cpe:/a:novell:suse_linux:rust-analysis", "p-cpe:/a:novell:suse_linux:rust-debuginfo", "p-cpe:/a:novell:suse_linux:rust-debugsource", "p-cpe:/a:novell:suse_linux:rust-std-static", "p-cpe:/a:novell:suse_linux:rustfmt", "p-cpe:/a:novell:suse_linux:rustfmt-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-2041-1.NASL", "href": "https://www.tenable.com/plugins/nessus/138995", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:2041-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138995);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/13\");\n\n script_cve_id(\"CVE-2020-1967\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : rust, rust-cbindgen (SUSE-SU-2020:2041-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rust, rust-cbindgen fixes the following issues :\n\nrust was updated for use by Firefox 76ESR.\n\nFixed miscompilations with rustc 1.43 that lead to LTO failures\n(bsc#1173202)\n\nUpdate to version 1.43.1\n\nUpdated openssl-src to 1.1.1g for CVE-2020-1967.\n\nFixed the stabilization of AVX-512 features.\n\nFixed `cargo package --list` not working with unpublished\ndependencies.\n\nUpdate to version 1.43.0\n\nLanguage :\n\nFixed using binary operations with `&{number}` (e.g. `&1.0`) not\nhaving the type inferred correctly.\n\nAttributes such as `#[cfg()]` can now be used on `if` expressions.\n\nSyntax only changes :\n\n - Allow `type Foo: Ord` syntactically.\n\n - Fuse associated and extern items up to defaultness.\n\n - Syntactically allow `self` in all `fn` contexts.\n\n - Merge `fn` syntax + cleanup item parsing.\n\n - `item` macro fragments can be interpolated into\n `trait`s, `impl`s, and `extern` blocks. For example, you\n may now write: ```rust macro_rules! mac_trait {\n ($i:item) => { trait T { $i } } } mac_trait! { fn foo()\n {} } ```\n\n - These are still rejected *semantically*, so you will\n likely receive an error but these changes can be seen\n and parsed by macros and conditional compilation.\n\nCompiler\n\nYou can now pass multiple lint flags to rustc to override the previous\nflags.\n\nFor example; `rustc -D unused -A unused-variables` denies everything\nin the `unused` lint group except `unused-variables` which is\nexplicitly allowed. However, passing `rustc -A unused-variables -D\nunused` denies everything in the `unused` lint group **including**\n`unused-variables` since the allow flag is specified before the deny\nflag (and therefore overridden). rustc will now prefer your system\nMinGW libraries over its bundled libraries if they are available on\n`windows-gnu`.\n\nrustc now buffers errors/warnings printed in JSON.\n\nLibraries :\n\n`Arc<[T; N]>`, `Box<[T; N]>`, and `Rc<[T; N]>`, now implement\n`TryFrom<Arc<[T]>>`,`TryFrom<Box<[T]>>`, and `TryFrom<Rc<[T]>>`\nrespectively.\n\n**Note** These conversions are only available when `N` is `0..=32`.\n\nYou can now use associated constants on floats and integers directly,\nrather than having to import the module. e.g. You can now write\n`u32::MAX` or `f32::NAN` with no imports.\n\n`u8::is_ascii` is now `const`.\n\n`String` now implements `AsMut<str>`.\n\nAdded the `primitive` module to `std` and `core`. This module\nreexports Rust's primitive types. This is mainly useful in macros\nwhere you want avoid these types being shadowed.\n\nRelaxed some of the trait bounds on `HashMap` and `HashSet`.\n\n`string::FromUtf8Error` now implements `Clone + Eq`.\n\nStabilized APIs\n\n`Once::is_completed`\n\n`f32::LOG10_2`\n\n`f32::LOG2_10`\n\n`f64::LOG10_2`\n\n`f64::LOG2_10`\n\n`iter::once_with`\n\nCargo\n\n - You can now set config `[profile]`s in your\n `.cargo/config`, or through your environment.\n\n - Cargo will now set `CARGO_BIN_EXE_<name>` pointing to a\n binary's executable path when running integration tests\n or benchmarks. `<name>` is the name of your binary as-is\n e.g. If you wanted the executable path for a binary\n named `my-program`you would use\n `env!('CARGO_BIN_EXE_my-program')`.\n\nMisc\n\n - Certain checks in the `const_err` lint were deemed\n unrelated to const evaluation, and have been moved to\n the `unconditional_panic` and `arithmetic_overflow`\n lints.\n\nCompatibility Notes\n\n - Having trailing syntax in the `assert!` macro is now a\n hard error. This has been a warning since 1.36.0.\n\n - Fixed `Self` not having the correctly inferred type.\n This incorrectly led to some instances being accepted,\n and now correctly emits a hard error.\n\nUpdate to version 1.42.0 :\n\nLanguage\n\n - You can now use the slice pattern syntax with subslices.\n\n - You can now use #[repr(transparent)] on univariant\n enums. Meaning that you can create an enum that has the\n exact layout and ABI of the type it contains.\n\n - There are some syntax-only changes :\n\n - default is syntactically allowed before items in trait\n definitions.\n\n - Items in impls (i.e. consts, types, and fns) may\n syntactically leave out their bodies in favor of ;.\n\n - Bounds on associated types in impls are now\n syntactically allowed (e.g. type Foo: Ord;).\n\n - ... (the C-variadic type) may occur syntactically\n directly as the type of any function parameter. These\n are still rejected semantically, so you will likely\n receive an error but these changes can be seen and\n parsed by procedural macros and conditional compilation.\n\nCompiler\n\n - Added tier 2 support for armv7a-none-eabi.\n\n - Added tier 2 support for riscv64gc-unknown-linux-gnu.\n\n - Option::{expect,unwrap} and Result::{expect, expect_err,\n unwrap, unwrap_err} now produce panic messages pointing\n to the location where they were called, rather than\n core's internals. Refer to Rust's platform support page\n for more information on Rust's tiered platform support.\n\nLibraries\n\n - iter::Empty<T> now implements Send and Sync for any T.\n\n - Pin::{map_unchecked, map_unchecked_mut} no longer\n require the return type to implement Sized.\n\n - io::Cursor now derives PartialEq and Eq.\n\n - Layout::new is now const.\n\n - Added Standard Library support for\n riscv64gc-unknown-linux-gnu.\n\nStabilized APIs\n\n - CondVar::wait_while\n\n - CondVar::wait_timeout_while\n\n - DebugMap::key\n\n - DebugMap::value\n\n - ManuallyDrop::take\n\n - matches!\n\n - ptr::slice_from_raw_parts_mut\n\n - ptr::slice_from_raw_parts\n\nCargo\n\n - You no longer need to include extern crate proc_macro;\n to be able to use proc_macro; in the 2018 edition.\n\nCompatibility Notes\n\n - Error::description has been deprecated, and its use will\n now produce a warning. It's recommended to use\n Display/to_string instead.\n\nUpdate to version 1.41.1 :\n\n - Always check types of static items\n\n - Always check lifetime bounds of `Copy` impls\n\n - Fix miscompilation in callers of `Layout::repeat`\n\nUpdate to version 1.41.0 :\n\nLanguage\n\n - You can now pass type parameters to foreign items when\n implementing traits. E.g. You can now write `impl<T>\n From<Foo> for Vec<T> {}`.\n\n - You can now arbitrarily nest receiver types in the\n `self` position. E.g. you can now write `fn foo(self:\n Box<Box<Self>>) {}`. Previously only `Self`, `&Self`,\n `&mut Self`, `Arc<Self>`, `Rc<Self>`, and `Box<Self>`\n were allowed.\n\n - You can now use any valid identifier in a `format_args`\n macro. Previously identifiers starting with an\n underscore were not allowed.\n\n - Visibility modifiers (e.g. `pub`) are now syntactically\n allowed on trait items and enum variants. These are\n still rejected semantically, but can be seen and parsed\n by procedural macros and conditional compilation.\n\nCompiler\n\n - Rustc will now warn if you have unused loop `'label`s.\n\n - Removed support for the `i686-unknown-dragonfly` target.\n\n - Added tier 3 support\\* for the\n `riscv64gc-unknown-linux-gnu` target.\n\n - You can now pass an arguments file passing the `@path`\n syntax to rustc. Note that the format differs somewhat\n from what is found in other tooling; please see the\n documentation for more information.\n\n - You can now provide `--extern` flag without a path,\n indicating that it is available from the search path or\n specified with an `-L` flag.\n\n Refer to Rust's [platform support\n page][forge-platform-support] for more information on\n Rust's tiered platform support.\n\nLibraries\n\n - The `core::panic` module is now stable. It was already\n stable through `std`.\n\n - `NonZero*` numerics now implement `From<NonZero*>` if\n it's a smaller integer width. E.g. `NonZeroU16` now\n implements `From<NonZeroU8>`.\n\n - `MaybeUninit<T>` now implements `fmt::Debug`.\n\nStabilized APIs\n\n - `Result::map_or`\n\n - `Result::map_or_else`\n\n - `std::rc::Weak::weak_count`\n\n - `std::rc::Weak::strong_count`\n\n - `std::sync::Weak::weak_count`\n\n - `std::sync::Weak::strong_count`\n\nCargo\n\n - Cargo will now document all the private items for binary\n crates by default.\n\n - `cargo-install` will now reinstall the package if it\n detects that it is out of date.\n\n - Cargo.lock now uses a more git friendly format that\n should help to reduce merge conflicts.\n\n - You can now override specific dependencies's build\n settings. E.g. `[profile.dev.package.image] opt-level =\n 2` sets the `image` crate's optimisation level to `2`\n for debug builds. You can also use\n `[profile.<profile>.build-override]` to override build\n scripts and their dependencies.\n\nMisc\n\n - You can now specify `edition` in documentation code\n blocks to compile the block for that edition. E.g.\n `edition2018` tells rustdoc that the code sample should\n be compiled the 2018 edition of Rust.\n\n - You can now provide custom themes to rustdoc with\n `--theme`, and check the current theme with\n `--check-theme`.\n\n - You can use `#[cfg(doc)]` to compile an item when\n building documentation.\n\nCompatibility Notes\n\n - As previously announced 1.41.0 will be the last tier 1\n release for 32-bit Apple targets. This means that the\n source code is still available to build, but the targets\n are no longer being tested and release binaries for\n those platforms will no longer be distributed by the\n Rust project. Please refer to the linked blog post for\n more information.\n\nBump version of libssh2 for SLE15; we now need a version with\nlibssh2_userauth_publickey_frommemory(), which appeared in libssh2\n1.6.0.\n\nUpdate to version 1.40.0\n\nLanguage\n\n - You can now use tuple `struct`s and tuple `enum`\n variant's constructors in `const` contexts. e.g. pub\n struct Point(i32, i32); const ORIGIN: Point = { let\n constructor = Point; constructor(0, 0) };\n\n - You can now mark `struct`s, `enum`s, and `enum` variants\n with the `#[non_exhaustive]` attribute to indicate that\n there may be variants or fields added in the future. For\n example this requires adding a wild-card branch (`_ =>\n {}`) to any match statements on a non-exhaustive `enum`.\n\n - You can now use function-like procedural macros in\n `extern` blocks and in type positions. e.g. `type\n Generated = macro!();`\n\n - Function-like and attribute procedural macros can now\n emit `macro_rules!` items, so you can now have your\n macros generate macros.\n\n - The `meta` pattern matcher in `macro_rules!` now\n correctly matches the modern attribute syntax. For\n example `(#[$m:meta])` now matches `#[attr]`,\n `#[attr{tokens}]`, `#[attr[tokens]]`, and\n `#[attr(tokens)]`.\n\nCompiler\n\n - Added tier 3 support\\* for the\n `thumbv7neon-unknown-linux-musleabihf` target.\n\n - Added tier 3 support for the\n `aarch64-unknown-none-softfloat` target.\n\n - Added tier 3 support for the\n `mips64-unknown-linux-muslabi64`, and\n `mips64el-unknown-linux-muslabi64` targets.\n\nLibraries\n\n - The `is_power_of_two` method on unsigned numeric types\n is now a `const` function.\n\nStabilized APIs\n\n - BTreeMap::get_key_value\n\n - HashMap::get_key_value\n\n - Option::as_deref_mut\n\n - Option::as_deref\n\n - Option::flatten\n\n - UdpSocket::peer_addr\n\n - f32::to_be_bytes\n\n - f32::to_le_bytes\n\n - f32::to_ne_bytes\n\n - f64::to_be_bytes\n\n - f64::to_le_bytes\n\n - f64::to_ne_bytes\n\n - f32::from_be_bytes\n\n - f32::from_le_bytes\n\n - f32::from_ne_bytes\n\n - f64::from_be_bytes\n\n - f64::from_le_bytes\n\n - f64::from_ne_bytes\n\n - mem::take\n\n - slice::repeat\n\n - todo!\n\nCargo\n\n - Cargo will now always display warnings, rather than only\n on fresh builds.\n\n - Feature flags (except `--all-features`) passed to a\n virtual workspace will now produce an error. Previously\n these flags were ignored.\n\n - You can now publish `dev-dependencies` without including\n a `version`.\n\nMisc\n\n - You can now specify the `#[cfg(doctest)]` attribute to\n include an item only when running documentation tests\n with `rustdoc`.\n\nCompatibility Notes\n\n - As previously announced, any previous NLL warnings in\n the 2015 edition are now hard errors.\n\n - The `include!` macro will now warn if it failed to\n include the entire file. The `include!` macro\n unintentionally only includes the first _expression_ in\n a file, and this can be unintuitive. This will become\n either a hard error in a future release, or the behavior\n may be fixed to include all expressions as expected.\n\n - Using `#[inline]` on function prototypes and consts now\n emits a warning under `unused_attribute` lint. Using\n `#[inline]` anywhere else inside traits or `extern`\n blocks now correctly emits a hard error.\n\nUpdate to version 1.39.0\n\nLanguage\n\n - You can now create async functions and blocks with async\n fn, async move {}, and async {} respectively, and you\n can now call .await on async expressions.\n\n - You can now use certain attributes on function, closure,\n and function pointer parameters.\n\n - You can now take shared references to bind-by-move\n patterns in the if guards of match arms.\n\nCompiler\n\n - Added tier 3 support for the i686-unknown-uefi target.\n\n - Added tier 3 support for the sparc64-unknown-openbsd\n target.\n\n - rustc will now trim code snippets in diagnostics to fit\n in your terminal.\n\n - You can now pass --show-output argument to test binaries\n to print the output of successful tests.\n\nFor more details :\n\nhttps://github.com/rust-lang/rust/blob/stable/RELEASES.md#version-1390\n-2019\n\n-11-07\n\nSwitch to bundled version of libgit2 for now. libgit2-sys seems to\nexpect using the bundled variant, which just seems to point to a\nsnapshot of the master branch and doesn't match any released libgit2\n(bsc#1154817). See: https://github.com/rust-lang/rust/issues/63476 and\nhttps://github.com/rust-lang/git2-rs/issues/458 for details.\n\nUpdate to version 1.38.0\n\nLanguage\n\n - The `#[global_allocator]` attribute can now be used in\n submodules.\n\n - The `#[deprecated]` attribute can now be used on macros.\n\nCompiler\n\n - Added pipelined compilation support to `rustc`. This\n will improve compilation times in some cases.\n\nLibraries\n\n - `ascii::EscapeDefault` now implements `Clone` and\n `Display`.\n\n - Derive macros for prelude traits (e.g. `Clone`, `Debug`,\n `Hash`) are now available at the same path as the trait.\n (e.g. The `Clone` derive macro is available at\n `std::clone::Clone`). This also makes all built-in\n macros available in `std`/`core` root. e.g.\n `std::include_bytes!`.\n\n - `str::Chars` now implements `Debug`.\n\n - `slice::{concat, connect, join}` now accepts `&[T]` in\n addition to `&T`.\n\n - `*const T` and `*mut T` now implement `marker::Unpin`.\n\n - `Arc<[T]>` and `Rc<[T]>` now implement\n `FromIterator<T>`.\n\n - Added euclidean remainder and division operations\n (`div_euclid`, `rem_euclid`) to all numeric primitives.\n Additionally `checked`, `overflowing`, and `wrapping`\n versions are available for all integer primitives.\n\n - `thread::AccessError` now implements `Clone`, `Copy`,\n `Eq`, `Error`, and `PartialEq`.\n\n - `iter::{StepBy, Peekable, Take}` now implement\n `DoubleEndedIterator`.\n\nStabilized APIs\n\n - `<*const T>::cast`\n\n - `<*mut T>::cast`\n\n - `Duration::as_secs_f32`\n\n - `Duration::as_secs_f64`\n\n - `Duration::div_f32`\n\n - `Duration::div_f64`\n\n - `Duration::from_secs_f32`\n\n - `Duration::from_secs_f64`\n\n - `Duration::mul_f32`\n\n - `Duration::mul_f64`\n\n - `any::type_name`\n\nCargo\n\n - Added pipelined compilation support to `cargo`.\n\n - You can now pass the `--features` option multiple times\n to enable multiple features.\n\nMisc\n\n - `rustc` will now warn about some incorrect uses of\n `mem::{uninitialized, zeroed}` that are known to cause\n undefined behaviour.\n\nUpdate to version 1.37.0\n\n + Language\n\n - #[must_use] will now warn if the type is contained in a\n tuple, Box, or an array and unused.\n\n - You can now use the `cfg` and `cfg_attr` attributes on\n generic parameters.\n\n - You can now use enum variants through type alias. e.g.\n You can write the following: ``` type MyOption =\n Option<u8>; fn increment_or_zero(x: MyOption) -> u8 {\n match x { MyOption::Some(y) => y + 1, MyOption::None =>\n 0, } } ```\n\n - You can now use `_` as an identifier for consts. e.g.\n You can write `const _: u32 = 5;`.\n\n - You can now use `#[repr(align(X)]` on enums.\n\n - The `?` Kleene macro operator is now available in the\n 2015 edition.\n\n + Compiler\n\n - You can now enable Profile-Guided Optimization with the\n `-C profile-generate` and `-C profile-use` flags. For\n more information on how to use profile guided\n optimization, please refer to the rustc book.\n\n - The `rust-lldb` wrapper script should now work again.\n\n + Libraries\n\n - `mem::MaybeUninit<T>` is now ABI-compatible with `T`.\n\n + Stabilized APIs\n\n - BufReader::buffer\n\n - BufWriter::buffer\n\n - Cell::from_mut\n\n - Cell<[T]>::as_slice_of_cells\n\n - Cell<slice>::as_slice_of_cells\n\n - DoubleEndedIterator::nth_back\n\n - Option::xor\n\n - Wrapping::reverse_bits\n\n - i128::reverse_bits\n\n - i16::reverse_bits\n\n - i32::reverse_bits\n\n - i64::reverse_bits\n\n - i8::reverse_bits\n\n - isize::reverse_bits\n\n - slice::copy_within\n\n - u128::reverse_bits\n\n - u16::reverse_bits\n\n - u32::reverse_bits\n\n - u64::reverse_bits\n\n - u8::reverse_bits\n\n - usize::reverse_bits\n\n + Cargo\n\n - Cargo.lock files are now included by default when\n publishing executable crates with executables.\n\n - You can now specify `default-run='foo'` in `[package]`\n to specify the default executable to use for `cargo\n run`.\n\n - cargo-vendor is now provided as a sub-command of cargo\n\n + Compatibility Notes\n\n - Using `...` for inclusive range patterns will now warn\n by default. Please transition your code to using the\n `..=` syntax for inclusive ranges instead.\n\n - Using a trait object without the `dyn` will now warn by\n default. Please transition your code to use `dyn Trait`\n for trait objects instead. Crab(String),\n Lobster(String), Person(String), let state =\n Creature::Crab('Ferris'); if let Creature::Crab(name) |\n Creature::Person(name) = state { println!('This\n creature's name is: {}', name); } unsafe { foo() } pub\n fn new(x: i32, y: i32) -> Self { Self(x, y) } pub fn\n is_origin(&self) -> bool { match self { Self(0, 0) =>\n true, _ => false, } } Self: PartialOrd<Self> // can\n write `Self` instead of `List<T>` Nil, Cons(T,\n Box<Self>) // likewise here fn test(&self) {\n println!('one'); } //~ ERROR duplicate definitions with\n name `test` fn test(&self) { println!('two'); }\n\nBasic procedural macros allowing custom `#[derive]`, aka 'macros 1.1',\nare stable. This allows popular code-generating crates like Serde and\nDiesel to work ergonomically. [RFC 1681].\n\n[Tuple structs may be empty. Unary and empty tuple structs may be\ninstantiated with curly braces][36868]. Part of [RFC 1506].\n\n[A number of minor changes to name resolution have been\nactivated][37127]. They add up to more consistent semantics, allowing\nfor future evolution of Rust macros. Specified in [RFC 1560], see its\nsection on ['changes'] for details of what is different. The breaking\nchanges here have been transitioned through the [`legacy_imports`]\nlint since 1.14, with no known regressions.\n\n[In `macro_rules`, `path` fragments can now be parsed as type\nparameter bounds][38279]\n\n[`?Sized` can be used in `where` clauses][37791]\n\n[There is now a limit on the size of monomorphized types and it can be\nmodified with the `#![type_size_limit]` crate attribute, similarly to\nthe `#![recursion_limit]` attribute][37789]\n\n[On Windows, the compiler will apply dllimport attributes when linking\nto extern functions][37973]. Additional attributes and flags can\ncontrol which library kind is linked and its name. [RFC 1717].\n\n[Rust-ABI symbols are no longer exported from cdylibs][38117]\n\n[The `--test` flag works with procedural macro crates][38107]\n\n[Fix `extern 'aapcs' fn` ABI][37814]\n\n[The `-C no-stack-check` flag is deprecated][37636]. It does nothing.\n\n[The `format!` expander recognizes incorrect `printf` and shell-style\nformatting directives and suggests the correct format][37613].\n\n[Only report one error for all unused imports in an import\nlist][37456]\n\n[Avoid unnecessary `mk_ty` calls in `Ty::super_fold_with`][37705]\n\n[Avoid more unnecessary `mk_ty` calls in `Ty::super_fold_with`][37979]\n\n[Don't clone in `UnificationTable::probe`][37848]\n\n[Remove `scope_auxiliary` to cut RSS by 10%][37764]\n\n[Use small vectors in type walker][37760]\n\n[Macro expansion performance was improved][37701]\n\n[Change `HirVec<P<T>>` to `HirVec<T>` in `hir::Expr`][37642]\n\n[Replace FNV with a faster hash function][37229]\nhttps://raw.githubusercontent.com/rust-lang/rust/master/RELEASES.md\n\nrust-cbindgen is shipped in version 0.14.1.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1115645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1173202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/rust-lang/git2-rs/issues/458\"\n );\n # https://github.com/rust-lang/rust/blob/stable/RELEASES.md#version-1390-2019\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cddb404e\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/rust-lang/rust/issues/63476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://raw.githubusercontent.com/rust-lang/rust/master/RELEASES.md\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1967/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20202041-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44adf694\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Development Tools 15-SP2 :\n\nzypper in -t patch\nSUSE-SLE-Module-Development-Tools-15-SP2-2020-2041=1\n\nSUSE Linux Enterprise Module for Development Tools 15-SP1 :\n\nzypper in -t patch\nSUSE-SLE-Module-Development-Tools-15-SP1-2020-2041=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cargo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:cargo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:clippy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:clippy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rls-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rust\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rust-analysis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rust-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rust-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rust-std-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rustfmt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:rustfmt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1/2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"cargo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"cargo-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"clippy-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"clippy-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rls-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rls-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rust-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rust-analysis-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rust-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rust-debugsource-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rust-std-static-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rustfmt-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"rustfmt-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"cargo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"cargo-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"clippy-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"clippy-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rls-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rls-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rust-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rust-analysis-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rust-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rust-debugsource-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rust-std-static-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rustfmt-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"rustfmt-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"cargo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"cargo-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"clippy-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"clippy-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rls-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rls-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rust-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rust-analysis-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rust-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rust-debugsource-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rust-std-static-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rustfmt-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"rustfmt-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"cargo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"cargo-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"clippy-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"clippy-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rls-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rls-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rust-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rust-analysis-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rust-debuginfo-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rust-debugsource-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rust-std-static-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rustfmt-1.43.1-12.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"2\", reference:\"rustfmt-debuginfo-1.43.1-12.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rust / rust-cbindgen\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:32:59", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the 'signature_algorithms_cert' TLS extension. The crash occurs if an invalid or unrecognized signature algorithm is received from the peer.\nImpact : A malicious peer could exploit the NULL pointer dereference crash, causing a denial of service attack.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "FreeBSD : OpenSSL remote denial of service vulnerability (012809ce-83f3-11ea-92ab-00163e433440)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:openssl", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_012809CE83F311EA92AB00163E433440.NASL", "href": "https://www.tenable.com/plugins/nessus/135880", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135880);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2020-1967\");\n script_xref(name:\"FreeBSD\", value:\"SA-20:11.openssl\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"FreeBSD : OpenSSL remote denial of service vulnerability (012809ce-83f3-11ea-92ab-00163e433440)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Server or client applications that call the SSL_check_chain() function\nduring or after a TLS 1.3 handshake may crash due to a NULL pointer\ndereference as a result of incorrect handling of the\n'signature_algorithms_cert' TLS extension. The crash occurs if an\ninvalid or unrecognized signature algorithm is received from the peer.\nImpact : A malicious peer could exploit the NULL pointer dereference\ncrash, causing a denial of service attack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.openssl.org/news/secadv/20200421.txt\"\n );\n # https://vuxml.freebsd.org/freebsd/012809ce-83f3-11ea-92ab-00163e433440.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8ba68bae\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1967\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"openssl>=1.1.1,1<1.1.1g,1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:33:07", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1.1.1g advisory.\n\n - Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the signature_algorithms_cert TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f). (CVE-2020-1967)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-23T00:00:00", "type": "nessus", "title": "OpenSSL 1.1.1 < 1.1.1g Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["cpe:/a:openssl:openssl"], "id": "OPENSSL_1_1_1G.NASL", "href": "https://www.tenable.com/plugins/nessus/135919", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135919);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2020-1967\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"OpenSSL 1.1.1 < 1.1.1g Vulnerability\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote service is affected by a vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a\nvulnerability as referenced in the 1.1.1g advisory.\n\n - Server or client applications that call the\n SSL_check_chain() function during or after a TLS 1.3\n handshake may crash due to a NULL pointer dereference as\n a result of incorrect handling of the\n signature_algorithms_cert TLS extension. The crash\n occurs if an invalid or unrecognised signature algorithm\n is received from the peer. This could be exploited by a\n malicious peer in a Denial of Service attack. OpenSSL\n version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this\n issue. This issue did not affect OpenSSL versions prior\n to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected\n 1.1.1d-1.1.1f). (CVE-2020-1967)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://github.com/openssl/openssl/commit/eb563247aef3e83dda7679c43f9649270462e5b1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5929f842\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/news/secadv/20200421.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to OpenSSL version 1.1.1g or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1967\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:openssl:openssl\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"openssl_version.nasl\");\n script_require_keys(\"openssl/port\");\n\n exit(0);\n}\n\ninclude(\"openssl_version.inc\");\n\nopenssl_check_version(fixed:\"1.1.1g\", min:\"1.1.1d\", severity:SECURITY_WARNING);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:31:15", "description": "An update of the nxtgn package has been released.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Nxtgn PHSA-2020-3.0-0082", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:nxtgn", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2020-3_0-0082_NXTGN.NASL", "href": "https://www.tenable.com/plugins/nessus/135873", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-3.0-0082. The text\n# itself is copyright (C) VMware, Inc.\n\n\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135873);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2020-1967\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"Photon OS 3.0: Nxtgn PHSA-2020-3.0-0082\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the nxtgn package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-82.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1967\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:nxtgn\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"nxtgn-openssl-1.1.1d-3.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"nxtgn-openssl-c_rehash-1.1.1d-3.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"nxtgn-openssl-debuginfo-1.1.1d-3.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"nxtgn-openssl-devel-1.1.1d-3.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", cpu:\"x86_64\", reference:\"nxtgn-openssl-perl-1.1.1d-3.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nxtgn\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:39:06", "description": "The 8.0.20 and prior versions of MySQL Connectors installed on the remote host are affected by a vulnerability as referenced in the July 2020 CPU advisory. A vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/C++ (OpenSSL)). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. (CVE-2020-1967)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-20T00:00:00", "type": "nessus", "title": "Oracle MySQL Connectors (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:mysql_connectors"], "id": "ORACLE_MYSQL_CONNECTORS_CPU_JUL_2020.NASL", "href": "https://www.tenable.com/plugins/nessus/138607", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138607);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2020-1967\");\n script_xref(name:\"IAVA\", value:\"2020-A-0321\");\n\n script_name(english:\"Oracle MySQL Connectors (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The 8.0.20 and prior versions of MySQL Connectors installed on the remote host are affected by a vulnerability\nas referenced in the July 2020 CPU advisory. A vulnerability in the MySQL Connectors product of Oracle MySQL\n(component: Connector/C++ (OpenSSL)). Supported versions that are affected are 8.0.20 and prior. Easily exploitable\nvulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful\nattacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash\n(complete DOS) of MySQL Connectors. (CVE-2020-1967)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujul2020cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujul2020.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the July 2020 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1967\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql_connectors\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_connectors_version_nix.nbin\", \"mysql_connectors_version_win.nbin\");\n script_require_keys(\"installed_sw/MySQL Connector\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'MySQL Connector');\nproduct = tolower(app_info['Product']);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nif ('odbc' >< product ||\n 'c++' >< product ||\n 'cpp' >< product)\n constraints = [\n {'min_version': '8.0.0', 'fixed_version': '8.0.21'}\n ];\nelse\n audit(AUDIT_PACKAGE_NOT_AFFECTED, product);\n\nvcf::check_version_and_report(app_info: app_info, constraints: constraints, severity: SECURITY_WARNING);\n\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:32:31", "description": "This update for openssl-1_1 fixes the following issues :\n\nCVE-2020-1967: Fixed a denial of service via NULL pointer dereference in SSL_check_chain (bsc#1169407).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2020:1058-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libopenssl1_1", "p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo", "p-cpe:/a:novell:suse_linux:openssl", "p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo", "p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1058-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135893", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1058-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135893);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-1967\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2020:1058-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for openssl-1_1 fixes the following issues :\n\nCVE-2020-1967: Fixed a denial of service via NULL pointer dereference\nin SSL_check_chain (bsc#1169407).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-1967/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201058-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f2b1bb57\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2020-1058=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2020-1058=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-1058=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2020-1058=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-1967\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libopenssl1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:openssl-1_1-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-32bit-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-debuginfo-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libopenssl1_1-debuginfo-32bit-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-debuginfo-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"openssl-1_1-debugsource-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-32bit-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-debuginfo-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libopenssl1_1-debuginfo-32bit-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"openssl-1_1-debuginfo-1.1.1d-2.23.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"openssl-1_1-debugsource-1.1.1d-2.23.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl-1_1\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:38:37", "description": "This update for rust, rust-cbindgen fixes the following issues :\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-07-20T00:00:00", "type": "nessus", "title": "openSUSE Security Update : rust / rust-cbindgen (openSUSE-2020-945)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967"], "modified": "2020-08-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:cargo", "p-cpe:/a:novell:opensuse:clippy", "p-cpe:/a:novell:opensuse:rls", "p-cpe:/a:novell:opensuse:rust", "p-cpe:/a:novell:opensuse:rust-analysis", "p-cpe:/a:novell:opensuse:rust-cbindgen", "p-cpe:/a:novell:opensuse:rust-gdb", "p-cpe:/a:novell:opensuse:rust-src", "p-cpe:/a:novell:opensuse:rust-std-static", "p-cpe:/a:novell:opensuse:rustfmt", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2020-945.NASL", "href": "https://www.tenable.com/plugins/nessus/138732", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-945.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138732);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/13\");\n\n script_cve_id(\"CVE-2020-1967\");\n\n script_name(english:\"openSUSE Security Update : rust / rust-cbindgen (openSUSE-2020-945)\");\n script_summary(english:\"Check for the openSUSE-2020-945 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for rust, rust-cbindgen fixes the following issues :\n\n - Updated openssl-src to 1.1.1g for CVE-2020-1967.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1173202\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected rust / rust-cbindgen packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cargo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:clippy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rls\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-analysis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-cbindgen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-gdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rust-std-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:rustfmt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"cargo-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"clippy-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rls-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rust-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rust-analysis-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rust-gdb-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rust-src-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rust-std-static-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"rustfmt-1.43.1-lp152.3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", cpu:\"x86_64\", reference:\"rust-cbindgen-0.14.1-lp152.2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rust-cbindgen / cargo / clippy / rls / rust / rust-analysis / etc\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:30:36", "description": "The remote host is affected by the vulnerability described in GLSA-202004-10 (OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could perform a malicious crafted TLS 1.3 handshake against an application using OpenSSL, possibly resulting in a Denial of Service condition.\n In addition, it’s feasible that an attacker might attack DH512.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-04-24T00:00:00", "type": "nessus", "title": "GLSA-202004-10 : OpenSSL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:openssl", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202004-10.NASL", "href": "https://www.tenable.com/plugins/nessus/135946", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202004-10.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135946);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"GLSA\", value:\"202004-10\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"GLSA-202004-10 : OpenSSL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-202004-10\n(OpenSSL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in OpenSSL. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could perform a malicious crafted TLS 1.3 handshake\n against an application using OpenSSL, possibly resulting in a Denial of\n Service condition.\n In addition, it’s feasible that an attacker might attack DH512.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/202004-10\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All OpenSSL users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-libs/openssl-1.1.1g'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/openssl\", unaffected:make_list(\"ge 1.1.1g\"), vulnerable:make_list(\"lt 1.1.1g\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"OpenSSL\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:35:12", "description": "Update to version 1.1.1g from upstream fixing possible remote DoS security issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-05-11T00:00:00", "type": "nessus", "title": "Fedora 31 : 1:openssl (2020-d7b29838f6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-D7B29838F6.NASL", "href": "https://www.tenable.com/plugins/nessus/136439", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-d7b29838f6.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136439);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"FEDORA\", value:\"2020-d7b29838f6\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"Fedora 31 : 1:openssl (2020-d7b29838f6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to version 1.1.1g from upstream fixing possible remote DoS\nsecurity issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-d7b29838f6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"openssl-1.1.1g-1.fc31\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-01-07T01:30:21", "description": "According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate.\n This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the '-crl_download' option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w).(CVE-2020-1971)\n\n - A NULL pointer dereference flaw was found in the way OpenSSL handled certain TLS handshake messages. This flaw allows an unauthenticated attacker to cause a server application compiled with OpenSSL to crash, causing a denial of service. In some cases a malicious server could also cause a client compiled with OpenSSL to crash.(CVE-2020-1967)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2021-1619)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-1967", "CVE-2020-1971"], "modified": "2021-04-20T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:openssl", "p-cpe:/a:huawei:euleros:openssl-libs", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2021-1619.NASL", "href": "https://www.tenable.com/plugins/nessus/147537", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147537);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/20\");\n\n script_cve_id(\n \"CVE-2020-1967\",\n \"CVE-2020-1971\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : openssl (EulerOS-SA-2021-1619)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the openssl packages installed, the\nEulerOS Virtualization installation on the remote host is affected by\nthe following vulnerabilities :\n\n - The X.509 GeneralName type is a generic type for\n representing different types of names. One of those\n name types is known as EDIPartyName. OpenSSL provides a\n function GENERAL_NAME_cmp which compares different\n instances of a GENERAL_NAME to see if they are equal or\n not. This function behaves incorrectly when both\n GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer\n dereference and a crash may occur leading to a possible\n denial of service attack. OpenSSL itself uses the\n GENERAL_NAME_cmp function for two purposes: 1)\n Comparing CRL distribution point names between an\n available CRL and a CRL distribution point embedded in\n an X509 certificate 2) When verifying that a timestamp\n response token signer matches the timestamp authority\n name (exposed via the API functions\n TS_RESP_verify_response and TS_RESP_verify_token) If an\n attacker can control both items being compared then\n that attacker could trigger a crash. For example if the\n attacker can trick a client or server into checking a\n malicious certificate against a malicious CRL then this\n may occur. Note that some applications automatically\n download CRLs based on a URL embedded in a certificate.\n This checking happens prior to the signatures on the\n certificate and CRL being verified. OpenSSL's s_server,\n s_client and verify tools have support for the\n '-crl_download' option which implements automatic CRL\n downloading and this attack has been demonstrated to\n work against those tools. Note that an unrelated bug\n means that affected versions of OpenSSL cannot parse or\n construct correct encodings of EDIPARTYNAME. However it\n is possible to construct a malformed EDIPARTYNAME that\n OpenSSL's parser will accept and hence trigger this\n attack. All OpenSSL 1.1.1 and 1.0.2 versions are\n affected by this issue. Other OpenSSL releases are out\n of support and have not been checked. Fixed in OpenSSL\n 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x\n (Affected 1.0.2-1.0.2w).(CVE-2020-1971)\n\n - A NULL pointer dereference flaw was found in the way\n OpenSSL handled certain TLS handshake messages. This\n flaw allows an unauthenticated attacker to cause a\n server application compiled with OpenSSL to crash,\n causing a denial of service. In some cases a malicious\n server could also cause a client compiled with OpenSSL\n to crash.(CVE-2020-1967)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2021-1619\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fb5f0f8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:openssl-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"openssl-1.1.1f-7.h10.eulerosv2r9\",\n \"openssl-libs-1.1.1f-7.h10.eulerosv2r9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-16T15:35:47", "description": "Nessus Agent leverages third-party software to help provide underlying functionality. One of the third-party components (OpenSSL) was found to contain a multiple vulnerabilities, and updated versions have been made available by the providers.\n\nOut of caution and in line with good practice, Tenable opted to upgrade the bundled library to address the potential impact of these issues in Nessus Agent. Nessus Agent 7.6.3 updates OpenSSL to version 1.1.1g to address the identified vulnerabilities.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-06-24T00:00:00", "type": "nessus", "title": "Tenable Nessus Agent < 7.6.3 Third Party Vulnerability (OpenSSL) (TNS-2020-03)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:tenable:nessus", "cpe:/a:tenable:nessus_agent"], "id": "TENABLE_NESSUS_AGENT_TNS_2020_03.NASL", "href": "https://www.tenable.com/plugins/nessus/137757", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137757);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n\n script_name(english:\"Tenable Nessus Agent < 7.6.3 Third Party Vulnerability (OpenSSL) (TNS-2020-03)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An instance of Nessus Agent installed on the remote system is affected by a third party vulnerability\nin OpenSSL\");\n script_set_attribute(attribute:\"description\", value:\n\"Nessus Agent leverages third-party software to help provide underlying functionality. \nOne of the third-party components (OpenSSL) was found to contain a multiple vulnerabilities, \nand updated versions have been made available by the providers.\n\nOut of caution and in line with good practice, Tenable opted to upgrade the bundled library \nto address the potential impact of these issues in Nessus Agent. Nessus Agent 7.6.3 updates \nOpenSSL to version 1.1.1g to address the identified vulnerabilities.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2020-03\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable Nessus Agent version 7.6.3 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nessus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:nessus_agent\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tenable_nessus_agent_installed_win.nbin\", \"nessus_agent_installed_macos.nbin\", \"nessus_agent_installed_linux.nbin\");\n script_require_keys(\"installed_sw/Tenable Nessus Agent\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Tenable Nessus Agent');\n\nconstraints = [\n {'fixed_version' : '7.6.3' },\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:37:43", "description": "According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 4.0.x prior to 4.0.13.5349 or 8.0.x prior to 8.0.21.1240. It is, therefore, affected by multiple vulnerabilities:\n - A buffer overflow condition exists in the Montgomery squaring procedure due to unsufficient validation of user-supplied input. An unauthenticated, remote attacker can exploit this, to cause a denial of service condition or the execution of arbitrary code. (CVE-2019-1551).\n\n - A denial of service (DoS) vulnerability exists in the SSL_check_chain() function due to a NULL pointer dereference. An unauthenticated, remote attacker can exploit this issue, to cause the application to stop responding (CVE-2020-1967).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-07-17T00:00:00", "type": "nessus", "title": "MySQL Enterprise Monitor 4.0.x < 4.0.13.5349 / 8.0.x < 8.0.21.1240 (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-08-14T00:00:00", "cpe": ["cpe:/a:oracle:mysql_enterprise_monitor"], "id": "MYSQL_ENTERPRISE_MONITOR_8_0_21_1240.NASL", "href": "https://www.tenable.com/plugins/nessus/138568", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138568);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/08/14\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"IAVA\", value:\"2020-A-0321\");\n\n script_name(english:\"MySQL Enterprise Monitor 4.0.x < 4.0.13.5349 / 8.0.x < 8.0.21.1240 (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application running on the remote host is affected by a multiple vulnerabilties\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is \n4.0.x prior to 4.0.13.5349 or 8.0.x prior to 8.0.21.1240. It is, therefore, affected by multiple vulnerabilities:\n - A buffer overflow condition exists in the Montgomery squaring procedure due to unsufficient validation\n of user-supplied input. An unauthenticated, remote attacker can exploit this, to cause a denial of service\n condition or the execution of arbitrary code. (CVE-2019-1551).\n\n - A denial of service (DoS) vulnerability exists in the SSL_check_chain() function due to a NULL pointer\n dereference. An unauthenticated, remote attacker can exploit this issue, to cause the application \n to stop responding (CVE-2020-1967).\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d433c246\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL Enterprise Monitor version 4.0.13.5349 / 8.0.21.1240 or later as referenced in the July Oracle CPU\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/17\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql_enterprise_monitor\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_enterprise_monitor_web_detect.nasl\");\n script_require_keys(\"installed_sw/MySQL Enterprise Monitor\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 18443);\n\n exit(0);\n}\n\ninclude('http.inc');\ninclude('vcf.inc');\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nport = get_http_port(default:18443);\napp_info = vcf::get_app_info(app:'MySQL Enterprise Monitor', port:port, webapp:true);\n\nconstraints = [\n { 'min_version' : '4.0', 'fixed_version' : '4.0.13.5349' },\n { 'min_version' : '8.0', 'fixed_version' : '8.0.21.1240' }\n];\n\nvcf::check_version_and_report(\n app_info:app_info,\n constraints:constraints,\n severity:SECURITY_WARNING\n);\n\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:32:32", "description": "Update to version 1.1.1g from upstream fixing possible remote DoS security issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-04-30T00:00:00", "type": "nessus", "title": "Fedora 30 : 1:openssl (2020-da2d1ef2d7)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:openssl", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-DA2D1EF2D7.NASL", "href": "https://www.tenable.com/plugins/nessus/136155", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-da2d1ef2d7.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136155);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-1551\", \"CVE-2020-1967\");\n script_xref(name:\"FEDORA\", value:\"2020-da2d1ef2d7\");\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"Fedora 30 : 1:openssl (2020-da2d1ef2d7)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to version 1.1.1g from upstream fixing possible remote DoS\nsecurity issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-da2d1ef2d7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:openssl package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:1:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"openssl-1.1.1g-1.fc30\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:openssl\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-04-16T14:05:07", "description": "The version of Oracle HTTP Server installed on the remote host is affected by the following vulnerabilities as referenced in the October 2020 CPU advisory:\n\n - A denial of service (DoS) vulnerability exists in the SSL Module (OpenSSL). An unauthenticated, remote attacker with network access via HTTPS, can exploit this issue to cause a hang or frequently repeatable crash (complete DoS) of Oracle HTTP Server. (CVE-2020-1967)\n\n - An unspecified vulnerability exists in the Apache HTTP Server Core component. A authenticated, remote attacker with network access via HTTP, can exploit this issue to compromise the Oracle HTTP Server. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-10097)\n\n - An unspecified vulnerability exists in Web Listener (cURL). An unauthenticated, remote attacker with network access via TFTP can exploit this issue to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-5482) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-11-02T00:00:00", "type": "nessus", "title": "Oracle Fusion Middleware Oracle HTTP Server (Oct 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10097", "CVE-2019-5482", "CVE-2020-1967"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:http_server"], "id": "ORACLE_HTTP_SERVER_CPU_OCT_2020.NASL", "href": "https://www.tenable.com/plugins/nessus/142212", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142212);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2019-5482\", \"CVE-2019-10097\", \"CVE-2020-1967\");\n\n script_name(english:\"Oracle Fusion Middleware Oracle HTTP Server (Oct 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle HTTP Server installed on the remote host is affected by the following vulnerabilities as\nreferenced in the October 2020 CPU advisory:\n\n - A denial of service (DoS) vulnerability exists in the SSL Module (OpenSSL). An unauthenticated, remote\n attacker with network access via HTTPS, can exploit this issue to cause a hang or frequently repeatable \n crash (complete DoS) of Oracle HTTP Server. (CVE-2020-1967)\n\n - An unspecified vulnerability exists in the Apache HTTP Server Core component. A authenticated, remote\n attacker with network access via HTTP, can exploit this issue to compromise the Oracle HTTP Server. \n Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-10097)\n\n - An unspecified vulnerability exists in Web Listener (cURL). An unauthenticated, remote attacker with\n network access via TFTP can exploit this issue to compromise Oracle HTTP Server. Successful attacks of\n this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2019-5482)\n \nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuoct2020.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2020 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-5482\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_http_server_installed.nbin\");\n script_require_keys(\"Oracle/OHS/Installed\");\n\n exit(0);\n}\n\ninclude('oracle_http_server_patch_func.inc');\n\nget_kb_item_or_exit('Oracle/OHS/Installed');\ninstall_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');\n\ninstall = branch(install_list, key:TRUE, value:TRUE);\n\npatches = make_array();\npatches['12.2.1.3'] = make_array('fix_ver', '12.2.1.3.200911', 'patch', '31876370');\npatches['12.2.1.4'] = make_array('fix_ver', '12.2.1.4.200826', 'patch', '31808404');\n\noracle_http_server_check_vuln(install : install, min_patches : patches, severity : SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-23T15:08:50", "description": "The 13.3.0.0, 13.3.1.0 and 13.4.0.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2020 CPU advisory.\n\n - Vulnerability in the Enterprise Manager for Storage Management product of Oracle Enterprise Manager (component: Privilege Management (OpenSSL)). Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Enterprise Manager for Storage Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager for Storage Management. (CVE-2020-1967)\n\n - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component:\n Event Management). Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. While the vulnerability is in Enterprise Manager Base Platform, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data. (CVE-2019-2897)\n\n - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component:\n Connector Framework (Apache CXF)). The supported version that is affected is 13.2.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Enterprise Manager Base Platform executes to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data. (CVE-2020-1954)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.4, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}, "published": "2020-10-22T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Cloud Control (Oct 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2897", "CVE-2020-1954", "CVE-2020-1967"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager"], "id": "ORACLE_ENTERPRISE_MANAGER_CPU_OCT_2020.NASL", "href": "https://www.tenable.com/plugins/nessus/141809", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141809);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2019-2897\", \"CVE-2020-1954\", \"CVE-2020-1967\");\n script_xref(name:\"IAVA\", value:\"2020-A-0481\");\n script_xref(name:\"IAVA\", value:\"2021-A-0328\");\n\n script_name(english:\"Oracle Enterprise Manager Cloud Control (Oct 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The 13.3.0.0, 13.3.1.0 and 13.4.0.0 versions of Enterprise Manager Base Platform installed on the remote host are\naffected by multiple vulnerabilities as referenced in the October 2020 CPU advisory.\n\n - Vulnerability in the Enterprise Manager for Storage Management product of Oracle Enterprise Manager \n (component: Privilege Management (OpenSSL)). Supported versions that are affected are 13.3.0.0 and \n 13.4.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via \n HTTPS to compromise Enterprise Manager for Storage Management. Successful attacks of this \n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash \n (complete DOS) of Enterprise Manager for Storage Management. (CVE-2020-1967)\n\n - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component:\n Event Management). Supported versions that are affected are 13.3.0.0 and 13.4.0.0. Easily exploitable\n vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager\n Base Platform. While the vulnerability is in Enterprise Manager Base Platform, attacks may significantly\n impact additional products. Successful attacks of this vulnerability can result in unauthorized update,\n insert or delete access to some of Enterprise Manager Base Platform accessible data as well as\n unauthorized read access to a subset of Enterprise Manager Base Platform accessible data. (CVE-2019-2897)\n\n - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component:\n Connector Framework (Apache CXF)). The supported version that is affected is 13.2.1.0. Difficult to\n exploit vulnerability allows unauthenticated attacker with access to the physical communication segment\n attached to the hardware where the Enterprise Manager Base Platform executes to compromise Enterprise\n Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to\n critical data or complete access to all Enterprise Manager Base Platform accessible data. (CVE-2020-1954)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuoct2020cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuoct2020.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2020 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2897\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Cloud Control\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\napp_info = vcf::get_app_info(app:'Oracle Enterprise Manager Cloud Control');\n\nconstraints = [\n { 'min_version' : '13.3.0.0', 'fixed_version' : '13.3.0.0.201020' , 'fixed_display': '13.3.0.0.201020 (Patch 31899771)'},\n { 'min_version' : '13.3.1.0', 'fixed_version' : '13.3.1.0.201031' , 'fixed_display': '13.3.1.0.201031 (Patch 32019093)'},\n { 'min_version' : '13.4.0.0', 'fixed_version' : '13.4.0.8', 'fixed_display': '13.4.0.8 (Patch 32071974)'}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-06-16T15:39:09", "description": "The version of MySQL running on the remote host is 5.6.x prior to and including 5.6.48. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the July 2020 Critical Patch Update advisory:\n\n - A vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14539)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. (CVE-2020-14550)\n\n - Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/C++ (OpenSSL)).\n Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Connectors. (CVE-2020-1967)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 4.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-07-17T00:00:00", "type": "nessus", "title": "MySQL 5.6.x < 5.6.49 Multiple Vulnerabilities (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14539", "CVE-2020-14550", "CVE-2020-14559", "CVE-2020-1967"], "modified": "2021-05-19T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_5_6_49.NASL", "href": "https://www.tenable.com/plugins/nessus/138571", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138571);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/19\");\n\n script_cve_id(\n \"CVE-2020-1967\",\n \"CVE-2020-14539\",\n \"CVE-2020-14550\",\n \"CVE-2020-14559\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0321\");\n\n script_name(english:\"MySQL 5.6.x < 5.6.49 Multiple Vulnerabilities (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 5.6.x prior to and including 5.6.48. It is, therefore, affected by\nmultiple vulnerabilities, including the following, as noted in the July 2020 Critical Patch Update \nadvisory:\n\n - A vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions\n that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14539)\n\n - Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are\n affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows\n low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash\n (complete DOS) of MySQL Client. (CVE-2020-14550)\n\n - Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/C++ (OpenSSL)).\n Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows unauthenticated\n attacker with network access via TLS to compromise MySQL Connectors. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL\n Connectors. (CVE-2020-1967)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.oracle.com/security-alerts/cpujul2020.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dc7b9bd1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.6.49 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/17\");\n\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\n \"mysql_version.nasl\", \n \"mysql_login.nasl\", \n \"mysql_version_local.nasl\", \n \"mysql_win_installed.nbin\", \n \"macosx_mysql_installed.nbin\"\n );\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '5.6.0', 'fixed_version' : '5.6.49'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-01-15T13:45:52", "description": "According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is earlier than 5.17.0. It is, therefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues nor the stand-alone patch but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-12-23T00:00:00", "type": "nessus", "title": "Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967", "CVE-2020-1971", "CVE-2020-5808", "CVE-2020-11022"], "modified": "2021-02-09T00:00:00", "cpe": ["cpe:/a:tenable:securitycenter"], "id": "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "href": "https://www.tenable.com/plugins/nessus/144584", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144584);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/09\");\n\n script_cve_id(\n \"CVE-2019-1551\",\n \"CVE-2020-1967\",\n \"CVE-2020-1971\",\n \"CVE-2020-5808\",\n \"CVE-2020-11022\"\n );\n\n script_name(english:\"Tenable SecurityCenter < 5.17.0 Multiple Vulnerabilities (TNS-2020-11)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the Tenable SecurityCenter\napplication installed on the remote host is earlier than 5.17.0. It is,\ntherefore, affected by multiple vulnerabilities.\n\nNote that Nessus has not tested for these issues nor the stand-alone\npatch but has instead relied only on the application's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2020-11\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable SecurityCenter version 5.17.0 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-5808\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:securitycenter\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"securitycenter_installed.nbin\", \"securitycenter_detect.nbin\");\n script_require_ports(\"Host/SecurityCenter/Version\", \"installed_sw/SecurityCenter\");\n\n exit(0);\n}\n\ninclude('vcf_extras.inc');\n\nport = get_http_port(default:443, dont_exit:TRUE);\napp_info = vcf::tenable_sc::get_app_info(port:port);\n\nconstraints = [\n {'fixed_version':'5.16.1', 'fixed_display':'5.17.0'}\n];\n\nvcf::check_version_and_report(\n app_info:app_info, \n constraints:constraints, \n severity:SECURITY_WARNING\n);\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:33:34", "description": "Gitlab reports :\n\nPath Traversal in NuGet Package Registry\n\nWorkhorse Bypass Leads to File Disclosure\n\nOAuth Application Client Secrets Revealed\n\nCode Owners Approval Rules Are Not Updated for Existing Merge Requests When Source Branch Changes\n\nCode Owners Protection Not Enforced from Web UI\n\nRepository Mirror Passwords Exposed To Maintainers\n\nAdmin Audit Log Page Denial of Service\n\nPrivate Project ID Revealed Through Group API\n\nElasticsearch Credentials Logged to ELK\n\nGitHub Personal Access Token Exposed on Integrations Page\n\nUpdate Nokogiri dependency\n\nUpdate OpenSSL Dependency\n\nUpdate git", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-05-04T00:00:00", "type": "nessus", "title": "FreeBSD : Gitlab -- Multiple Vulnerabilities (e8483115-8b8e-11ea-bdcf-001b217b3468)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10187", "CVE-2020-11008", "CVE-2020-12448", "CVE-2020-1967", "CVE-2020-7595"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:gitlab-ce", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_E84831158B8E11EABDCF001B217B3468.NASL", "href": "https://www.tenable.com/plugins/nessus/136304", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136304);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\n \"CVE-2020-1967\",\n \"CVE-2020-7595\",\n \"CVE-2020-10187\",\n \"CVE-2020-11008\",\n \"CVE-2020-12448\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0186-S\");\n\n script_name(english:\"FreeBSD : Gitlab -- Multiple Vulnerabilities (e8483115-8b8e-11ea-bdcf-001b217b3468)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Gitlab reports :\n\nPath Traversal in NuGet Package Registry\n\nWorkhorse Bypass Leads to File Disclosure\n\nOAuth Application Client Secrets Revealed\n\nCode Owners Approval Rules Are Not Updated for Existing Merge Requests\nWhen Source Branch Changes\n\nCode Owners Protection Not Enforced from Web UI\n\nRepository Mirror Passwords Exposed To Maintainers\n\nAdmin Audit Log Page Denial of Service\n\nPrivate Project ID Revealed Through Group API\n\nElasticsearch Credentials Logged to ELK\n\nGitHub Personal Access Token Exposed on Integrations Page\n\nUpdate Nokogiri dependency\n\nUpdate OpenSSL Dependency\n\nUpdate git\");\n # https://about.gitlab.com/releases/2020/04/30/security-release-12-10-2-released/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dac5e06d\");\n # https://vuxml.freebsd.org/freebsd/e8483115-8b8e-11ea-bdcf-001b217b3468.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a57444f0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-12448\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-11008\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=12.10.0<12.10.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=12.9.0<12.9.5\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=8.4.0<12.8.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-24T16:38:36", "description": "The version of Tenable Log Correlation Engine (LCE) installed on the remote host is prior to 6.0.9. It is, therefore, affected by multiple vulnerabilities:\n\n - Multiple denial of service vulnerabilities in the included OpenSSL component. (CVE-2019-1551, CVE-2020-1967, CVE-2020-1971, CVE-2021-3449, CVE-2021-23840)\n\n - Multiple cross site scripting vulnerabilities in the included JQuery component. (CVE-2020-11022, CVE-2020-11023)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 6.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2021-06-02T00:00:00", "type": "nessus", "title": "Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-1967", "CVE-2020-1971", "CVE-2021-23840", "CVE-2021-3449"], "modified": "2022-05-09T00:00:00", "cpe": ["cpe:/a:tenable:log_correlation_engine"], "id": "LCE_6_0_9.NASL", "href": "https://www.tenable.com/plugins/nessus/150139", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150139);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2019-1551\",\n \"CVE-2020-1967\",\n \"CVE-2020-1971\",\n \"CVE-2020-11022\",\n \"CVE-2020-11023\",\n \"CVE-2021-3449\",\n \"CVE-2021-23840\"\n );\n\n script_name(english:\"Tenable Log Correlation Engine (LCE) < 6.0.9 (TNS-2021-10)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A data aggregation application installed on the remote host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Tenable Log Correlation Engine (LCE) installed on the remote host is prior to 6.0.9. It is, therefore,\naffected by multiple vulnerabilities:\n\n - Multiple denial of service vulnerabilities in the included OpenSSL component. (CVE-2019-1551, CVE-2020-1967,\n CVE-2020-1971, CVE-2021-3449, CVE-2021-23840)\n\n - Multiple cross site scripting vulnerabilities in the included JQuery component. (CVE-2020-11022, CVE-2020-11023)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.tenable.com/security/tns-2021-10\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Tenable LCE version 6.0.9 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1551\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-11023\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:tenable:log_correlation_engine\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"lce_installed.nbin\");\n script_require_keys(\"installed_sw/Log Correlation Engine Server\");\n\n exit(0);\n}\n\ninclude('vcf.inc');\n\nvar app = 'Log Correlation Engine Server';\n\nget_install_count(app_name:app, exit_if_zero:TRUE);\n\nvar app_info = vcf::get_app_info(app:app);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { 'max_version' : '6.0.8', 'fixed_version' : '6.0.9' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, flags:{xss:TRUE});\n\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-06-16T15:38:14", "description": "The version of MySQL running on the remote host is 5.7.x prior to and including 5.7.30. It is, therefore, affected by multiple vulnerabilities, as noted in the July 2020 Critical Patch Update advisory:\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2021-2160)\n\n - A vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14539)\n\n - A vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. (CVE-2020-14550)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 4.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}, "published": "2020-07-17T00:00:00", "type": "nessus", "title": "MySQL 5.7.x < 5.7.31 Multiple Vulnerabilities (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-14539", "CVE-2020-14540", "CVE-2020-14547", "CVE-2020-14550", "CVE-2020-14553", "CVE-2020-14559", "CVE-2020-14576", "CVE-2020-1967", "CVE-2021-2001", "CVE-2021-2160"], "modified": "2021-05-19T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_5_7_31.NASL", "href": "https://www.tenable.com/plugins/nessus/138570", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138570);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/19\");\n\n script_cve_id(\n \"CVE-2020-1967\",\n \"CVE-2020-14539\",\n \"CVE-2020-14540\",\n \"CVE-2020-14547\",\n \"CVE-2020-14550\",\n \"CVE-2020-14553\",\n \"CVE-2020-14559\",\n \"CVE-2020-14576\",\n \"CVE-2021-2001\",\n \"CVE-2021-2160\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0321\");\n script_xref(name:\"IAVA\", value:\"2021-A-0038\");\n script_xref(name:\"IAVA\", value:\"2021-A-0193\");\n\n script_name(english:\"MySQL 5.7.x < 5.7.31 Multiple Vulnerabilities (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 5.7.x prior to and including 5.7.30. It is, therefore, affected by\nmultiple vulnerabilities, as noted in the July 2020 Critical Patch Update \nadvisory:\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions\n that are affected are 5.7.30 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of\n this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. (CVE-2021-2160)\n\n - A vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions\n that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable\n vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\n Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently\n repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14539)\n\n - A vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are\n affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows\n low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful\n attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash\n (complete DOS) of MySQL Client. (CVE-2020-14550)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujul2020cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujan2021cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuapr2021.html#AppendixMSQL\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuapr2021cvrf.xml\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.7.31 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14559\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/17\");\n\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\n \"mysql_version.nasl\", \n \"mysql_login.nasl\", \n \"mysql_version_local.nasl\", \n \"mysql_win_installed.nbin\", \n \"macosx_mysql_installed.nbin\"\n );\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '5.7.0', 'fixed_version' : '5.7.31'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);", "cvss": {"score": 4, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-05-15T13:56:55", "description": "The version of MySQL running on the remote host is 8.0.x prior to and including 8.0.20. It is, therefore, affected by multiple vulnerabilities, including the following, as noted in the July 2020 Critical Patch Update advisory:\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).\n Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. (CVE-2020-14697, CVE-2020-14678)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14680)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2020-14651)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "published": "2020-07-16T00:00:00", "type": "nessus", "title": "MySQL 8.0.x < 8.0.21 Multiple Vulnerabilities (Jul 2020 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-1551", "CVE-2020-14539", "CVE-2020-14540", "CVE-2020-14547", "CVE-2020-14550", "CVE-2020-14553", "CVE-2020-14559", "CVE-2020-14568", "CVE-2020-14575", "CVE-2020-14576", "CVE-2020-14586", "CVE-2020-14591", "CVE-2020-14597", "CVE-2020-14614", "CVE-2020-14619", "CVE-2020-14620", "CVE-2020-14623", "CVE-2020-14624", "CVE-2020-14631", "CVE-2020-14632", "CVE-2020-14633", "CVE-2020-14634", "CVE-2020-14641", "CVE-2020-14643", "CVE-2020-14651", "CVE-2020-14654", "CVE-2020-14656", "CVE-2020-14663", "CVE-2020-14678", "CVE-2020-14680", "CVE-2020-14697", "CVE-2020-14702", "CVE-2020-14725", "CVE-2020-14799", "CVE-2020-1967", "CVE-2020-5258", "CVE-2021-1998", "CVE-2021-2012", "CVE-2021-2020"], "modified": "2022-05-12T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_8_0_21.NASL", "href": "https://www.tenable.com/plugins/nessus/138560", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(138560);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\n \"CVE-2019-1551\",\n \"CVE-2020-1967\",\n \"CVE-2020-5258\",\n \"CVE-2020-14539\",\n \"CVE-2020-14540\",\n \"CVE-2020-14547\",\n \"CVE-2020-14550\",\n \"CVE-2020-14553\",\n \"CVE-2020-14559\",\n \"CVE-2020-14568\",\n \"CVE-2020-14575\",\n \"CVE-2020-14576\",\n \"CVE-2020-14586\",\n \"CVE-2020-14591\",\n \"CVE-2020-14597\",\n \"CVE-2020-14614\",\n \"CVE-2020-14619\",\n \"CVE-2020-14620\",\n \"CVE-2020-14623\",\n \"CVE-2020-14624\",\n \"CVE-2020-14631\",\n \"CVE-2020-14632\",\n \"CVE-2020-14633\",\n \"CVE-2020-14634\",\n \"CVE-2020-14641\",\n \"CVE-2020-14643\",\n \"CVE-2020-14651\",\n \"CVE-2020-14654\",\n \"CVE-2020-14656\",\n \"CVE-2020-14663\",\n \"CVE-2020-14678\",\n \"CVE-2020-14680\",\n \"CVE-2020-14697\",\n \"CVE-2020-14702\",\n \"CVE-2020-14725\",\n \"CVE-2020-14799\",\n \"CVE-2021-1998\",\n \"CVE-2021-2012\",\n \"CVE-2021-2020\"\n );\n script_xref(name:\"IAVA\", value:\"2020-A-0321\");\n script_xref(name:\"IAVA\", value:\"2020-A-0473-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0038\");\n\n script_name(english:\"MySQL 8.0.x < 8.0.21 Multiple Vulnerabilities (Jul 2020 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 8.0.x prior to and including 8.0.20. It is, therefore, affected by multiple\nvulnerabilities, including the following, as noted in the July 2020 Critical Patch Update advisory:\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).\n Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in takeover of MySQL Server. (CVE-2020-14697, CVE-2020-14678)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions\n that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with\n network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can\n result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. (CVE-2020-14680)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supported\n versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged\n attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this\n vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL\n Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. (CVE-2020-14651)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujul2020.html#AppendixMSQL\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujul2020cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpujan2021.html#AppendixMSQL\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpujan2021cvrf.xml\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 8.0.21 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-14697\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-5258\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"mysql_version.nasl\", \"mysql_login.nasl\", \"mysql_version_local.nasl\", \"mysql_win_installed.nbin\", \"macosx_mysql_installed.nbin\");\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '8.0.0', 'fixed_version' : '8.0.21'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-06-24T14:07:01", "description": "The version of Oracle E-Business Suite installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory.\n\n - A vulnerability exists in the Oracle Applications Framework product of Oracle E-Business Suite (component:\n Home page). The supported version that is affected is 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework.\n Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Applications Framework accessible data as well as unauthorized access to critical data or complete access to all Oracle Applications Framework accessible data.\n (CVE-2021-2200)\n\n - A vulnerability exists in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.7-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Marketing accessible data as well as unauthorized access to critical data or complete access to all Oracle Marketing accessible data. (CVE-2021-2205)\n\n - A vulnerability exists in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Email Center. While the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. (CVE-2021-2209)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.1, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}, "published": "2021-04-23T00:00:00", "type": "nessus", "title": "Oracle E-Business Suite Multiple Vulnerabilities (April 2021 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-14735", "CVE-2019-10086", "CVE-2020-1967", "CVE-2020-9488", "CVE-2021-2150", "CVE-2021-2153", "CVE-2021-2155", "CVE-2021-2156", "CVE-2021-2181", "CVE-2021-2182", "CVE-2021-2183", "CVE-2021-2184", "CVE-2021-2185", "CVE-2021-2186", "CVE-2021-2187", "CVE-2021-2188", "CVE-2021-2189", "CVE-2021-2190", "CVE-2021-2195", "CVE-2021-2197", "CVE-2021-2198", "CVE-2021-2199", "CVE-2021-2200", "CVE-2021-2205", "CVE-2021-2206", "CVE-2021-2209", "CVE-2021-2210", "CVE-2021-2222", "CVE-2021-2223", "CVE-2021-2224", "CVE-2021-2225", "CVE-2021-2227", "CVE-2021-2228", "CVE-2021-2229", "CVE-2021-2231", "CVE-2021-2233", "CVE-2021-2235", "CVE-2021-2236", "CVE-2021-2237", "CVE-2021-2238", "CVE-2021-2239", "CVE-2021-2241", "CVE-2021-2246", "CVE-2021-2247", "CVE-2021-2249", "CVE-2021-2251", "CVE-2021-2252", "CVE-2021-2254", "CVE-2021-2255", "CVE-2021-2258", "CVE-2021-2259", "CVE-2021-2260", "CVE-2021-2261", "CVE-2021-2262", "CVE-2021-2263", "CVE-2021-2267", "CVE-2021-2268", "CVE-2021-2269", "CVE-2021-2270", "CVE-2021-2271", "CVE-2021-2272", "CVE-2021-2273", "CVE-2021-2274", "CVE-2021-2275", "CVE-2021-2276", "CVE-2021-2288", "CVE-2021-2289", "CVE-2021-2290", "CVE-2021-2292", "CVE-2021-2295", "CVE-2021-2314", "CVE-2021-2316"], "modified": "2022-05-10T00:00:00", "cpe": ["cpe:/a:oracle:e-business_suite"], "id": "ORACLE_E-BUSINESS_CPU_APR_2021.NASL", "href": "https://www.tenable.com/plugins/nessus/148952", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148952);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2017-14735\",\n \"CVE-2019-10086\",\n \"CVE-2020-1967\",\n \"CVE-2020-9488\",\n \"CVE-2021-2150\",\n \"CVE-2021-2153\",\n \"CVE-2021-2155\",\n \"CVE-2021-2156\",\n \"CVE-2021-2181\",\n \"CVE-2021-2182\",\n \"CVE-2021-2183\",\n \"CVE-2021-2184\",\n \"CVE-2021-2185\",\n \"CVE-2021-2186\",\n \"CVE-2021-2187\",\n \"CVE-2021-2188\",\n \"CVE-2021-2189\",\n \"CVE-2021-2190\",\n \"CVE-2021-2195\",\n \"CVE-2021-2197\",\n \"CVE-2021-2198\",\n \"CVE-2021-2199\",\n \"CVE-2021-2200\",\n \"CVE-2021-2205\",\n \"CVE-2021-2206\",\n \"CVE-2021-2209\",\n \"CVE-2021-2210\",\n \"CVE-2021-2222\",\n \"CVE-2021-2223\",\n \"CVE-2021-2224\",\n \"CVE-2021-2225\",\n \"CVE-2021-2227\",\n \"CVE-2021-2228\",\n \"CVE-2021-2229\",\n \"CVE-2021-2231\",\n \"CVE-2021-2233\",\n \"CVE-2021-2235\",\n \"CVE-2021-2236\",\n \"CVE-2021-2237\",\n \"CVE-2021-2238\",\n \"CVE-2021-2239\",\n \"CVE-2021-2241\",\n \"CVE-2021-2246\",\n \"CVE-2021-2247\",\n \"CVE-2021-2249\",\n \"CVE-2021-2251\",\n \"CVE-2021-2252\",\n \"CVE-2021-2254\",\n \"CVE-2021-2255\",\n \"CVE-2021-2258\",\n \"CVE-2021-2259\",\n \"CVE-2021-2260\",\n \"CVE-2021-2261\",\n \"CVE-2021-2262\",\n \"CVE-2021-2263\",\n \"CVE-2021-2267\",\n \"CVE-2021-2268\",\n \"CVE-2021-2269\",\n \"CVE-2021-2270\",\n \"CVE-2021-2271\",\n \"CVE-2021-2272\",\n \"CVE-2021-2273\",\n \"CVE-2021-2274\",\n \"CVE-2021-2275\",\n \"CVE-2021-2276\",\n \"CVE-2021-2288\",\n \"CVE-2021-2289\",\n \"CVE-2021-2290\",\n \"CVE-2021-2292\",\n \"CVE-2021-2295\",\n \"CVE-2021-2314\",\n \"CVE-2021-2316\"\n );\n script_bugtraq_id(105656);\n script_xref(name:\"IAVA\", value:\"2021-A-0199\");\n\n script_name(english:\"Oracle E-Business Suite Multiple Vulnerabilities (April 2021 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle E-Business Suite installed on the remote host is affected by multiple vulnerabilities as\nreferenced in the April 2021 CPU advisory.\n\n - A vulnerability exists in the Oracle Applications Framework product of Oracle E-Business Suite (component:\n Home page). The supported version that is affected is 12.2.10. Easily exploitable vulnerability allows\n unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework.\n Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification\n access to critical data or all Oracle Applications Framework accessible data as well as unauthorized\n access to critical data or complete access to all Oracle Applications Framework accessible data.\n (CVE-2021-2200)\n\n - A vulnerability exists in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing\n Administration). Supported versions that are affected are 12.2.7-12.2.10. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing. Successful\n attacks of this vulnerability can result in unauthorized creation, deletion or modification access to\n critical data or all Oracle Marketing accessible data as well as unauthorized access to critical data or \n complete access to all Oracle Marketing accessible data. (CVE-2021-2205)\n\n - A vulnerability exists in the Oracle Email Center product of Oracle E-Business Suite (component: Message\n Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable\n vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Email\n Center. While the vulnerability is in Oracle Email Center, attacks may significantly impact additional\n products. Successful attacks of this vulnerability can result in unauthorized access to critical data or\n complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or\n delete access to some of Oracle Email Center accessible data. (CVE-2021-2209)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version \nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/a/tech/docs/cpuapr2021cvrf.xml\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.oracle.com/security-alerts/cpuapr2021.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2021 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10086\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2021-2205\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/04/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:e-business_suite\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_e-business_query_patch_info.nbin\");\n script_require_keys(\"Oracle/E-Business/Version\", \"Oracle/E-Business/patches/installed\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle.inc');\n\nvar app_info = vcf::oracle_ebusiness::get_app_info();\n\nvar constraints = [\n { 'min_version' : '12.1.1', 'max_version' : '12.1.3', 'fix_patches' : '32438190' },\n { 'min_version' : '12.2.0', 'max_version' : '12.2.2', 'fix_patches' : '32438203', 'fixed_display' : '12.2.3' },\n { 'min_version' : '12.2.3', 'max_version' : '12.2.10', 'fix_patches' : '32438203' }\n];\n\nvar fix_date = '202104';\n\nvcf::oracle_ebusiness::check_version_and_report(\n app_info : app_info,\n severity : SECURITY_HOLE,\n constraints : constraints,\n fix_date : fix_date\n);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-05-11T21:47:50", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-08-25T20:45:15", "type": "osv", "title": "Null pointer deference in openssl-src ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2021-08-19T21:21:21", "id": "OSV:GHSA-JQ65-29V4-4X35", "href": "https://osv.dev/vulnerability/GHSA-jq65-29v4-4x35", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-11T21:34:54", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 \nhandshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \n\"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature \nalgorithm is received from the peer. This could be exploited by a malicious peer in a Denial of \nService attack.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-25T12:00:00", "type": "osv", "title": "Crash causing Denial of Service attack", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2021-10-19T22:14:35", "id": "OSV:RUSTSEC-2020-0015", "href": "https://osv.dev/vulnerability/RUSTSEC-2020-0015", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T14:54:26", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-21T14:15:00", "type": "cve", "title": "CVE-2020-1967", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2021-12-10T17:11:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "cpe:/a:oracle:mysql_enterprise_monitor:8.0.20", "cpe:/a:netapp:steelstore_cloud_integrated_storage:-", "cpe:/a:oracle:http_server:12.2.1.4.0", "cpe:/a:netapp:active_iq_unified_manager:*", "cpe:/a:oracle:mysql_workbench:8.0.21", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57", "cpe:/a:oracle:mysql:8.0.20", "cpe:/o:freebsd:freebsd:12.1", "cpe:/a:oracle:mysql:5.7.30", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:opensuse:leap:15.2", "cpe:/a:netapp:snapcenter:-", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.58", "cpe:/a:netapp:oncommand_workflow_automation:-", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.56", "cpe:/o:broadcom:fabric_operating_system:-", "cpe:/a:netapp:oncommand_insight:-", "cpe:/o:fedoraproject:fedora:32", "cpe:/o:opensuse:leap:15.1", "cpe:/a:oracle:jd_edwards_world_security:a9.4", "cpe:/a:oracle:enterprise_manager_base_platform:13.4.0.0", "cpe:/a:oracle:mysql:5.6.48", "cpe:/o:fedoraproject:fedora:31", "cpe:/a:oracle:mysql_enterprise_monitor:4.0.12", "cpe:/a:openssl:openssl:1.1.1f", "cpe:/a:oracle:enterprise_manager_for_storage_management:13.3.0.0", "cpe:/a:oracle:application_server:12.1.3", "cpe:/a:netapp:smi-s_provider:-", "cpe:/a:oracle:enterprise_manager_for_storage_management:13.4.0.0", "cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.59", "cpe:/a:oracle:enterprise_manager_ops_center:12.4.0", "cpe:/a:netapp:e-series_performance_analyzer:-", "cpe:/o:fedoraproject:fedora:30", "cpe:/a:oracle:mysql_connectors:8.0.20"], "id": "CVE-2020-1967", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-1967", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.3.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:5.7.30:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_connectors:8.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:8.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:application_server:12.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:openssl:openssl:1.1.1f:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql:8.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_enterprise_monitor:4.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:mysql_workbench:8.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:enterprise_manager_for_storage_management:13.4.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:e-series_performance_analyzer:-:*:*:*:*:*:*:*", "cpe:2.3:o:freebsd:freebsd:12.1:-:*:*:*:*:*:*", "cpe:2.3:o:broadcom:fabric_operating_system:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:oracle:mysql:5.6.48:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*", "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"]}], "openssl": [{"lastseen": "2022-01-04T08:37:41", "description": " Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Reported by Bernd Edlinger. \n\n * Fixed in OpenSSL 1.1.1g [(git commit)](<https://github.com/openssl/openssl/commit/eb563247aef3e83dda7679c43f9649270462e5b1>) (Affected 1.1.1d-1.1.1f)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T00:00:00", "type": "openssl", "title": "Vulnerability in OpenSSL - Segmentation fault in SSL_check_chain ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-21T00:00:00", "id": "OPENSSL:CVE-2020-1967", "href": "https://www.openssl.org/news/secadv/20200421.txt", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2021-09-01T13:01:02", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f). ([CVE-2020-1967](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967>)) \n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-23T03:27:00", "type": "f5", "title": "OpenSSL vulnerability CVE-2020-1967", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-23T03:27:00", "id": "F5:K01251345", "href": "https://support.f5.com/csp/article/K01251345", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2022-06-08T08:08:00", "description": "A NULL pointer dereference flaw was found in the way OpenSSL handled certain TLS handshake messages. This flaw allows an unauthenticated attacker to cause a server application compiled with OpenSSL to crash, causing a denial of service. In some cases a malicious server could also cause a client compiled with OpenSSL to crash.\n#### Mitigation\n\nApplications compiled with OpenSSL >= 1.1.1d that either use openssl without invoking the `SSL_check_chain()` function or do not use TLS 1.3 are not vulnerable to this flaw. \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-21T13:33:41", "type": "redhatcve", "title": "CVE-2020-1967", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2022-06-08T06:55:12", "id": "RH:CVE-2020-1967", "href": "https://access.redhat.com/security/cve/cve-2020-1967", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "huawei": [{"lastseen": "2021-12-30T12:25:59", "description": "There is a Denial of Service (DoS) vulnerability in Openssl. Specific function in Openssl may crash during or after the TLS 1.3 handshake due to a NULL pointer dereference. Attacker may send crafted request packet to the target host service to exploit this vulnerability. Successful exploit may cause the affected service crash or deny of service. (Vulnerability ID: HWPSIRT-2020-16617)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-1967.\n\nHuawei has released software updates to fix this vulnerability. This advisory is available at the following link:\n\n[http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-01-openssl-en](<http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200715-01-openssl-en>)\n\n \n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-07-15T00:00:00", "type": "huawei", "title": "Security Advisory - Denial of Service Vulnerability in OpenSSL", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-29T00:00:00", "id": "HUAWEI-SA-20200715-01-OPENSSL", "href": "https://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200715-01-openssl-en", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2021-10-22T02:33:28", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4661-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nApril 21, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : openssl\nCVE ID : CVE-2020-1967\n\nBernd Edlinger discovered that malformed data passed to the\nSSL_check_chain() function during or after a TLS 1.3 handshake could\ncause a NULL dereference, resulting in denial of service.\n\nThe oldstable distribution (stretch) is not affected.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 1.1.1d-0+deb10u3.\n\nWe recommend that you upgrade your openssl packages.\n\nFor the detailed security status of openssl please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/openssl\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T13:58:12", "type": "debian", "title": "[SECURITY] [DSA 4661-1] openssl security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-21T13:58:12", "id": "DEBIAN:DSA-4661-1:70270", "href": "https://lists.debian.org/debian-security-announce/2020/msg00064.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "github": [{"lastseen": "2021-12-22T11:51:56", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-08-25T20:45:15", "type": "github", "title": "Null pointer deference in openssl-src ", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2021-10-21T21:10:47", "id": "GHSA-JQ65-29V4-4X35", "href": "https://github.com/advisories/GHSA-jq65-29v4-4x35", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-06-25T02:02:16", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect OpenSSL versions prior to 1.1.1d. Fixed in OpenSSL 1.1.1g (Affected 1.1.1d-1.1.1f).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-21T14:15:00", "type": "debiancve", "title": "CVE-2020-1967", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-21T14:15:00", "id": "DEBIANCVE:CVE-2020-1967", "href": "https://security-tracker.debian.org/tracker/CVE-2020-1967", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ibm": [{"lastseen": "2022-06-28T22:13:42", "description": "## Summary\n\nSecurity vulnerability affects IBM Watson Explorer Foundational Components.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-1967](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By passing specially crafted data to the SSL_check_chain() function during or after a TLS 1.3 handshake, a remote attacker could exploit this vulnerability to cause server or client applications to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Explorer Deep Analytics Edition Foundational Components| 12.0.0, 12.0.1, 12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.3 \nWatson Explorer Foundational Components| 11.0.0.0 - 11.0.0.3, 11.0.1, 11.0.2.0 - 11.0.2.7 \nWatson Explorer Foundational Components| 10.0.0.0 - 10.0.0.8 \n \n\n\n## Remediation/Fixes\n\nFollow these steps to upgrade to the required version of OpenSSL. \n \nThe table reflects product names at the time the specified versions were released. To use the links to Fix Central in this table, you must first log in to the IBM Support: Fix Central site at <http://www.ibm.com/support/fixcentral/>. \n\n**Affected Product**| **Affected Versions**| **How to acquire and apply the fix** \n---|---|--- \nIBM Watson Explorer DAE \nFoundational Components| \n\n12.0.0,\n\n12.0.1,\n\n12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.3\n\n| \n\nUpgrade to Version 12.0.3.4. \n\nSee [Watson Explorer Version 12.0.3.4 Foundational Components](<https://www.ibm.com/support/pages/node/6244514>) for download information and instructions. \n \nIBM Watson Explorer \nFoundational Components| 11.0.0.0 - 11.0.0.3, \n11.0.1, \n11.0.2.0 - 11.0.2.7| \n\nUpgrade to Version 11.0.2.8. \n \nSee [Watson Explorer Version 11.0.2.8 Foundational Components](<https://www.ibm.com/support/pages/node/6244520>) for download information and instructions. \n \nIBM Watson Explorer \nFoundational Components| 10.0.0.0 - 10.0.0.8 \n \n| \n\nUpgrade to Version 10.0.0.9.\n\nSee [Watson Explorer Version 10.0.0.9 Foundational Components](<http://www.ibm.com/support/pages/node/6244528>) for download information and instructions. \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n22 Jul 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SS8NLW\",\"label\":\"IBM Watson Explorer\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"},{\"code\":\"PF033\",\"label\":\"Windows\"}],\"Version\":\"10.0.0, 11.0.0, 11.0.1, 11.0.2, 12.0.0, 12.0.1, 12.0.2, 12.0.3\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB10\",\"label\":\"Data and AI\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-07-22T06:09:05", "type": "ibm", "title": "Security Bulletin: Vulnerability affects Watson Explorer Foundational Components (CVE-2020-1967)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-07-22T06:09:05", "id": "90D59D207E240BE5AC750765C539B8ED7F5604D85518190296B85710EF6190ED", "href": "https://www.ibm.com/support/pages/node/6250341", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:08:31", "description": "## Summary\n\nOpenSSL is used by IBM i. IBM i has addressed the applicable CVE.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-1967](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By passing specially crafted data to the SSL_check_chain() function during or after a TLS 1.3 handshake, a remote attacker could exploit this vulnerability to cause server or client applications to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM i| 7.4 \nIBM i| 7.3 \nIBM i| 7.2 \nIBM i| 7.1 \n \n\n\n## Remediation/Fixes\n\nThe issues can be fixed by applying a PTF to IBM i. Releases 7.4 7.3, 7.2 and 7.1 of IBM i are supported and will be fixed. \n\nThe IBM i PTF numbers are: \n**Release 7.1 \u2013 SI73429** \n**Release 7.2, 7.3 & 7.4 \u2013 SI73430** \n<https://www-945.ibm.com/support/fixcentral/>\n\n**_Important note: _**_IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products._\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n19 June 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Type\":\"MASTER\",\"Line of Business\":{\"code\":\"LOB57\",\"label\":\"Power\"},\"Business Unit\":{\"code\":\"BU058\",\"label\":\"IBM Infrastructure w\\/TPS\"},\"Product\":{\"code\":\"SWG60\",\"label\":\"IBM i\"},\"Platform\":[{\"code\":\"PF012\",\"label\":\"IBM i\"}],\"Version\":\"7.1.0\"}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-19T14:58:12", "type": "ibm", "title": "Security Bulletin: OpenSSL for IBM i is affected by CVE-2020-1967", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-06-19T14:58:12", "id": "599FD7C04A9861E581A0889B84F743CE6345EDB3A38453CDF55B29FBE0F03491", "href": "https://www.ibm.com/support/pages/node/6235728", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:12:30", "description": "## Summary\n\nMessageGateway has addressed the following vulnerability by updating the level of OpenSSL.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-1967](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By passing specially crafted data to the SSL_check_chain() function during or after a TLS 1.3 handshake, a remote attacker could exploit this vulnerability to cause server or client applications to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM WIoTP MessageGateway| 5.0.0.1 \n \n\n\n## Remediation/Fixes\n\n_Product_\n\n| _VRMF_| _APAR_| _Remediation/First Fix_ \n---|---|---|--- \n_IBM WIoTP MessageGateway_| \n\n_5.0.0.2_\n\n| \n\n_IT32682_\n\n| [_5.0.0.2-IBM-IMA-IFIT32682_](<https://www.ibm.com/support/pages/node/6203963>) \n \n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n30 Apr 2020: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSF79B\",\"label\":\"IBM Watson IoT Platform - Message Gateway\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"5.0.0.1, 5.0.0.2\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB02\",\"label\":\"AI Applications\"}}]", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-30T17:09:17", "type": "ibm", "title": "Security Bulletin: OpenSSL disclosed vulnerability affects MessageGatweay (CVE-2020-1967)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2020-04-30T17:09:17", "id": "CD07568ED0ED0755A81F0FAAB2708FA8AAC3BA618A3434B98C44AA7ECD3EE952", "href": "https://www.ibm.com/support/pages/node/6204098", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-28T22:12:33", "description": "## Summary\n\nThe product includes vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-8169](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the failure to correctly URL encode the credential data when set using an curl_easy_setopt option. The host name and partial password is leaked in cleartext over DNS on HTTP redirect. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183930](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183930>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-8177](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177>) \n** DESCRIPTION: **cURL could allow a remote attacker to overwrite arbitrary files on the system, caused by the improper handling of certain parameters when using -J (--remote-header-name) and -I (--include) in the same command line. An attacker could exploit this vulnerability to overwrite a local file. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183931](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183931>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-8231](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8231>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the improper handling of the CURLOPT_CONNECT_ONLY option. The raw data is sent over that connection to the wrong destination. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186954>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-8285](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8285>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a denial of service, caused by a stack-based buffer overflow in the wildcard matching function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192855](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192855>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8286](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8286>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by improper OCSP response verification. By sending a specially-crafted request, an attacker could exploit this vulnerability to breach a TLS server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192856>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-1967](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. By passing specially crafted data to the SSL_check_chain() function during or after a TLS 1.3 handshake, a remote attacker could exploit this vulnerability to cause server or client applications to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180181](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180181>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-1971](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference. If the GENERAL_NAME_cmp function contain an EDIPARTYNAME, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192748](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192748>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-15847](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could provide weaker than expected security, caused by a flaw in the POWER9 backend. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166452](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166452>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-28928](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28928>) \n** DESCRIPTION: **musl libc is vulnerable to a denial of service, caused by a destination buffer overflow in the wcsnrtombs function. By sending specially-crafted input, a local attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192091](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192091>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-11080](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11080>) \n** DESCRIPTION: **Node.js is vulnerable to a denial of service, caused by an error in the HTTP/2 session frame which is limited to 32 settings by default. By sending overly large HTTP/2 SETTINGS frames, an attacker could exploit this vulnerability to consume all available CPU resources. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182815](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182815>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Security QRadar Analyst Workflow| 1.0.0 - 1.3.1 \n \n\n\n## Remediation/Fixes\n\n[Update to 1.4.0](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=All&platform=All&function=fixId&fixids=IBM-Security-QRadar-Analyst-Workflow-v1.4.0&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=SAR> \"Update to 1.4.0\" )\n\n## Workarounds and Mitigations\n\nNone\n\n## Get Notified about Future Security Bulletins\n\nSubscribe to [My Notifications](< http://www-01.ibm.com/software/support/einfo.html>) to be notified of important product support alerts like this.\n\n### References \n\n[Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide> \"Link resides outside of ibm.com\" ) \n[On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0> \"Link resides outside of ibm.com\" )\n\nOff \n\n## Related Information\n\n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<http://www.ibm.com/blogs/psirt>)\n\n## Change History\n\n27 Jan 2021: Initial Publication\n\n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n## Disclaimer\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"\"AS IS\"\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. \"Affected Products and Versions\" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.\n\n## Document Location\n\nWorldwide\n\n[{\"Business Unit\":{\"code\":\"BU059\",\"label\":\"IBM Software w\\/o TPS\"},\"Product\":{\"code\":\"SSBQAC\",\"label\":\"IBM Security QRadar SIEM\"},\"Component\":\"\",\"Platform\":[{\"code\":\"PF016\",\"label\":\"Linux\"}],\"Version\":\"7.3, 7.4\",\"Edition\":\"\",\"Line of Business\":{\"code\":\"LOB24\",\"label\":\"Security Software\"}}]", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-27T23:48:48", "type": "ibm", "title": "Security Bulletin: IBM Security QRadar Analyst Workflow add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-15847", "CVE-2020-11080", "CVE-2020-1967", "CVE-2020-1971", "CVE-2020-28928", "CVE-2020-8169", "CVE-2020-8177", "CVE-2020-8231", "CVE-2020-8285", "CVE-2020-8286"], "modified": "2021-01-27T23:48:48", "id": "0EF2B3BEA4403B998499114AE5D3693C840E985B7ECCF95FA6F6834A4F819197", "href": "https://www.ibm.com/support/pages/node/6409294", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "rustsec": [{"lastseen": "2021-12-27T16:52:28", "description": "Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 \nhandshake may crash due to a NULL pointer dereference as a result of incorrect handling of the \n\"signature_algorithms_cert\" TLS extension. The crash occurs if an invalid or unrecognised signature \nalgorithm is received from the peer. This could be exploited by a malicious peer in a Denial of \nService attack.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-25T12:00:00", "type": "rustsec", "title": "Crash causing Denial of Service attack", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2021-10-19T22:14:35", "id": "RUSTSEC-2020-0015", "href": "https://rustsec.org/advisories/RUSTSEC-2020-0015", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "githubexploit": [{"lastseen": "2022-03-23T17:06:58", "description": "# CVE-2020-1967\nProof of concept exploit about OpenSSL signature...", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-28T21:15:35", "type": "githubexploit", "title": "Exploit for NULL Pointer Dereference in Openssl", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1967"], "modified": "2021-12-15T14:39:07", "id": "9D1AE9EC-AAED-5991-9F41-9458ABC7EFC3", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "privateArea": 1}], "fedora": [{"lastseen": "2021-07-28T18:41:39", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-26T02:51:31", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: openssl-1.1.1g-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-04-26T02:51:31", "id": "FEDORA:B0BBE6085FBF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-30T02:52:05", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: openssl-1.1.1g-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-04-30T02:52:05", "id": "FEDORA:8514B6312F21", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T18:41:39", "description": "The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-09T04:12:38", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: openssl-1.1.1g-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-05-09T04:12:38", "id": "FEDORA:822D960BF257", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "gentoo": [{"lastseen": "2022-01-17T19:02:08", "description": "### Background\n\nOpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1/v1.1/v1.2/v1.3) as well as a general purpose cryptography library. \n\n### Description\n\nMultiple vulnerabilities have been discovered in OpenSSL. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could perform a malicious crafted TLS 1.3 handshake against an application using OpenSSL, possibly resulting in a Denial of Service condition. \n\nIn addition, it\u2019s feasible that an attacker might attack DH512.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll OpenSSL users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-libs/openssl-1.1.1g\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-23T00:00:00", "type": "gentoo", "title": "OpenSSL: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1551", "CVE-2020-1967"], "modified": "2020-04-23T00:00:00", "id": "GLSA-202004-10", "href": "https://security.gentoo.org/glsa/202004-10", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "photon": [{"lastseen": "2022-05-12T18:21:48", "description": "Updates of ['nxtgn-openssl', 'ansible', 'nettle'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-22T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2020-0233", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16869", "CVE-2020-1733", "CVE-2020-1739", "CVE-2020-1967"], "modified": "2020-04-22T00:00:00", "id": "PHSA-2020-0233", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-233", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-11-03T15:03:37", "description": "An update of {'nettle', 'ansible', 'nxtgn-openssl'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2020-2.0-0233", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-16869", "CVE-2020-1733", "CVE-2020-1739", "CVE-2020-1967"], "modified": "2020-04-21T00:00:00", "id": "PHSA-2020-2.0-0233", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-233", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-31T04:30:26", "description": "An update of {'linux', 'linux-aws', 'linux-secure', 'mysql', 'linux-esx', 'nxtgn-openssl'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-04-21T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2020-3.0-0082", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 7.8, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2791", "CVE-2019-2911", "CVE-2019-2914", "CVE-2019-2920", "CVE-2019-2938", "CVE-2019-2946", "CVE-2019-2957", "CVE-2019-2960", "CVE-2019-2963", "CVE-2019-2966", "CVE-2019-2967", "CVE-2019-2968", "CVE-2019-2974", "CVE-2019-2982", "CVE-2019-2991", "CVE-2019-2993", "CVE-2019-2997", "CVE-2019-2998", "CVE-2019-3004", "CVE-2019-3009", "CVE-2019-3011", "CVE-2019-3018", "CVE-2020-11565", "CVE-2020-11668", "CVE-2020-1967", "CVE-2020-2570", "CVE-2020-2572", "CVE-2020-2573", "CVE-2020-2574", "CVE-2020-2577", "CVE-2020-2579", "CVE-2020-2580", "CVE-2020-2584", "CVE-2020-2588", "CVE-2020-2589", "CVE-2020-2627", "CVE-2020-2660", "CVE-2020-2679", "CVE-2020-2686", "CVE-2020-2694", "CVE-2020-2752", "CVE-2020-2759", "CVE-2020-2760", "CVE-2020-2761", "CVE-2020-2762", "CVE-2020-2763", "CVE-2020-2765", "CVE-2020-2768", "CVE-2020-2770", "CVE-2020-2774", "CVE-2020-2779", "CVE-2020-2780", "CVE-2020-2804", "CVE-2020-2812", "CVE-2020-2814", "CVE-2020-2853", "CVE-2020-2892", "CVE-2020-2893", "CVE-2020-2895", "CVE-2020-2896", "CVE-2020-2897", "CVE-2020-2898", "CVE-2020-2901", "CVE-2020-2903", "CVE-2020-2904", "CVE-2020-2921", "CVE-2020-2922", "CVE-2020-2923", "CVE-2020-2924", "CVE-2020-2925", "CVE-2020-2926", "CVE-2020-2928", "CVE-2020-2930"], "modified": "2020-04-21T00:00:00", "id": "PHSA-2020-3.0-0082", "href": "https://github.com/vmware/photon/wiki/Security-Updates-3.0-82", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:C"}}, {"lastseen": "2022-05-12T18:49:08", "description": "Updates of ['linux-esx', 'nxtgn-openssl', 'linux', 'mysql', 'linux-secure', 'linux-aws'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-04-22T00:00:00", "type": "photon", "title": "Important Photon OS Security Update - PHSA-2020-0082", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 5.6, "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 7.8, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2791", "CVE-2019-2911", "CVE-2019-2914", "CVE-2019-2920", "CVE-2019-2938", "CVE-2019-2946", "CVE-2019-2957", "CVE-2019-2960", "CVE-2019-2963", "CVE-2019-2966", "CVE-2019-2967", "CVE-2019-2968", "CVE-2019-2974", "CVE-2019-2982", "CVE-2019-2991", "CVE-2019-2993", "CVE-2019-2997", "CVE-2019-2998", "CVE-2019-3004", "CVE-2019-3009", "CVE-2019-3011", "CVE-2019-3018", "CVE-2020-11494", "CVE-2020-11565", "CVE-2020-11608", "CVE-2020-11609", "CVE-2020-11668", "CVE-2020-12657", "CVE-2020-14381", "CVE-2020-1967", "CVE-2020-2570", "CVE-2020-2572", "CVE-2020-2573", "CVE-2020-2574", "CVE-2020-2577", "CVE-2020-2579", "CVE-2020-2580", "CVE-2020-2584", "CVE-2020-2588", "CVE-2020-2589", "CVE-2020-2627", "CVE-2020-2660", "CVE-2020-2679", "CVE-2020-2686", "CVE-2020-2694", "CVE-2020-2752", "CVE-2020-2759", "CVE-2020-2760", "CVE-2020-2761", "CVE-2020-2762", "CVE-2020-2763", "CVE-2020-2765", "CVE-2020-2768", "CVE-2020-2770", "CVE-2020-2774", "CVE-2020-2779", "CVE-2020-2780", "CVE-2020-2804", "CVE-2020-2812", "CVE-2020-2814", "CVE-2020-2853", "CVE-2020-2892", "CVE-2020-2893", "CVE-2020-2895", "CVE-2020-2896", "CVE-2020-2897", "CVE-2020-2898", "CVE-2020-2901", "CVE-2020-2903", "CVE-2020-2904", "CVE-2020-2921", "CVE-2020-2922", "CVE-2020-2923", "CVE-2020-2924", "CVE-2020-2925", "CVE-2020-2926", "CVE-2020-2928", "CVE-2020-2930"], "modified": "2020-04-22T00:00:00", "id": "PHSA-2020-0082", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-82", "cvss": {"score": 5.6, "vector": "AV:L/AC:L/Au:N/C:N/I:P/A:C"}}], "symantec": [{"lastseen": "2022-01-11T11:31:33", "description": "**Summary**\n\nSymantec Web Security Group (WSG) products using affected versions of OpenSSL may be susceptible to multiple vulnerabilities. A local or remote attacker can obtain private key or other secret key information. A remote attacker can also cause denial of service. \n \n\n\n**Affected Product(s)**\n\nThe following products and product versions are vulnerable to the CVEs listed. If a CVE is not listed, the product or version is not known to be vulnerable to it. \n \n\n\n**Advanced Secure Gateway (ASG)** \n--- \n**CVE** | **Supported Version(s)** | **Remediation** \nCVE-2019-1551 | 6.7 | Upgrade to 6.7.5.13. \n7.1 | Remediation will not be provided. \n7.2 | Upgrade to 7.2.8.1. \n7.3 | Upgrade to 7.3.4.1. \n \n \n\n**BCAAA** \n--- \n**CVE** | **Supported Version(s)** | **Remediation** \nCVE-2019-1563 | 6.1 (only when Novell SSO realm is used) | A fix will not be provided. The vulnerable OpenSSL library is in the Novell SSO SDK and an updated Novell SSO SDK is no longer available. Please contact Novell for more information. \n \n \n\n**Content Analysis (CA)** \n--- \n**CVE** | **Supported Version(s)** | **Remediation** \nCVE-2019-1551 | 2.3, 2.4 | Not vulnerable \n3.0, 3.1 | Remediation is not available at this time. \n \n \n\n**Management Center (MC)** \n--- \n**CVE** | **Supported Version(s)** | **Remediation** \nCVE-2019-1551 | 3.0 | Upgrade to later release with fixes. \n3.1, 3.2 | Remediation is not available at this time. \n \n \n\n**ProxySG** \n--- \n**CVE** | **Supported Version(s)** | **Remediation** \nCVE-2019-1551 | 6.7 | Upgrade to 6.7.5.13. \n7.1 | Remediation will not be provided. \n7.2 | Upgrade to 7.2.8.1. \n7.3 | Upgrade to 7.3.4.1. \n \n \n\n**Reporter** \n--- \n**CVE** | **Supported Version(s)** | **Remediation** \nCVE-2019-1551 | 10.4 | Remediation will not be provided. \n10.5, 10.6 | Remediation is not available at this time. \n \n \n\n**SSL Visibility (SSLV)** \n--- \n**CVE** | **Supported Version(s)** | **Remediation** \nCVE-2019-1551 | 4.5 | Remediation is not available at this time. \n5.0 | Upgrade to later release with fixes. \n \n** \nAdditional Product Information**\n\nCVE-2019-1551 is exploitable in ASG, CA, ProxySG, Reporter, and SSLV only when customers configure the products' SSL/TLS interfaces with 1024-bit RSA keys. The default key/certificate pairs shipped with the products have 2048-bit or larger RSA keys. Symantec recommends configuring all SSL/TLS interfaces with 2048-bit or larger RSA keys for protection against multiple attacks, including attacks using CVE-2019-1551.\n\nThe following products are not vulnerable: \n**AuthConnector \nGeneral Auth Connector Login Application \nHSM Agent for the Luna SP \n****PacketShaper (PS) S-Series \nPolicyCenter (PC) S-Series \nSecurity Analytics (SA) \nSymantec Messaging Gateway (SMG) \nUnified Agent \nWSS Agent \nWSS Mobile Agent**\n\nThe following products are under investigation:** \nWeb Isolation (WI) \n \n**\n\n**Issue Details**\n\n**CVE-2019-1547** \n--- \n**Severity / CVSS v3.1:** | Medium / 4.7 (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N) \n**References:** | NVD: [CVE-2019-1547](<https://nvd.nist.gov/vuln/detail/CVE-2019-1547> \"NVD - CVE-2019-1547\" ) \n**Impact:** | Information disclosure \n**Description:** | A side channel flaw in ECDSA signature generation allows a local attacker to recover ECDSA private key information. \n \n \n\n**CVE-2019-1549** \n--- \n**Severity / CVSS v3.1:** | Medium / 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n**References:** | NVD: [CVE-2019-1549](<https://nvd.nist.gov/vuln/detail/CVE-2019-1549> \"NVD - CVE-2019-1549\" ) \n**Impact:** | Information disclosure \n**Description:** | An RNG state management flaw in random number generation may cause an application to generate insufficiently random data. An attacker with access to the memory of a process on the target host may be able to guess private/secret encryption keys and other random secrets in the memory of a parent or child process. \n \n \n\n**CVE-2019-1551** \n--- \n**Severity / CVSS v3.1:** | Medium / 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n**References:** | NVD: [CVE-2019-1551](<https://nvd.nist.gov/vuln/detail/CVE-2019-1551> \"NVD - CVE-2019-1551\" ) \n**Impact:** | Information disclosure \n**Description:** | An overflow flaw in the 64-bit Montgomery squaring arithmetic operation implementation allows an attacker to obtain private key information. \n \n \n\n**CVE-2019-1563** \n--- \n**Severity / CVSS v3.1:** | Low / 3.7 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n**References:** | NVD: [CVE-2019-1563](<https://nvd.nist.gov/vuln/detail/CVE-2019-1563> \"NVD - CVE-2019-1563\" ) \n**Impact:** | Information disclosure \n**Description:** | A padding oracle flaw in CMS/PKCS7 decryption allows a remote attacker to recover a CMS/PKCS7 transported encryption key or decrypt an RSA encrypted message. \n \n \n\n**CVE-2020-1967** \n--- \n**Severity / CVSS v3.1:** | High / 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n**References:** | NVD: [CVE-2020-1967](<https://nvd.nist.gov/vuln/detail/CVE-2020-1967> \"NVD - CVE-2020-1967\" ) \n**Impact:** | Denial of service \n**Description:** | A memory handling flaw in the TLS 1.3 handshake implementation allows a remote attacker to send a crafted handshake message and cause denial of service through application crashes. \n \n** \nReferences**\n\n * OpenSSL Security Advisory [10 September 2019] - <https://www.openssl.org/news/secadv/20190910.txt>\n * OpenSSL Security Advisory [6 December 2019] - <https://www.openssl.org/news/secadv/20191206.txt>\n * OpenSSL Security Advisory [21 April 2020] - <https://www.openssl.org/news/secadv/20200421.txt> \n \n\n\n**Revisions**\n\n2021-10-14 A fix for ASG 6.7 and ProxySG 6.7 is available in 6.7.5.13. A fix for ASG 7.2 and ProxySG 7.2 is available in 7.2.8.1. \n2021-09-10 A fix for ASG 7.3 and ProxySG 7.3 is available in 7.3.4.1. \n2021-08-12 MC 3.2 is vulnerable to CVE-2019-1551. \n2021-07-02 MC 3.0 and 3.1 are vulnerable to CVE-2019-1551. \n2021-06-07 A fix for SSLV 5.0 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2021-04-26 PacketShaper (PS) S-Series and PolicyCenter (PC) S-Series are not vulnerable. \n2021-04-19 BCAAA 6.1 is vulnerable to CVE-2019-1563. \n2020-11-19 A fix for Reporter 10.4 will not be provided. Please upgrade to a later version with the vulnerability fixes. \n2020-11-12 Content Analysis 3.1 is vulnerable to CVE-2019-1551. \n2020-05-19 initial public release\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-05-19T20:35:38", "type": "symantec", "title": "OpenSSL Vulnerabilities Sep 2019 \u2013 Apr 2020", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1551", "CVE-2019-1563", "CVE-2020-1967"], "modified": "2022-01-10T20:19:40", "id": "SMNTC-1768", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "hackerone": [{"lastseen": "2020-06-11T18:40:43", "bounty": 0.0, "description": "**Summary:**\nThere are multiple issues found on \u2588\u2588\u2588:\n1. \u2588\u2588\u2588\u2588\u2588\u2588\u2588/examples/ - Apache Tomcat examples are available for public. Multiple issues - session and cookies manipulation, internals IP disclosure.\n2. Error page contains information about Apache Tomcat version\n3. Reported Tomcat version is vulnerable. Multiple CVEs - critical, high and medium\n\n**Description:**\n1. Examples are available by link: \u2588\u2588\u2588\u2588\u2588\u2588\u2588/examples/\n\n2. Information disclosure about Apache Tomcat version\n\n3. Vulnerable version Apache Tomcat/8.5.33\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1938\nBase Score: 9.8 CRITICALVector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-0232\nBase Score: 8.1 HIGH Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-17563\nBase Score: 7.5 HIGH Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-10072\nBase Score: 7.5 HIGH Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-0199\nBase Score: 7.5 HIGH Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1967\nBase Score: 7.5 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-12418\nBase Score: 7.0 HIGH Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-0221\nBase Score: 6.1 MEDIUM Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-2684\nBase Score: 5.9 MEDIUM Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1935\nBase Score: 4.8 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N\n\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-11784\nBase Score: 4.3 MEDIUM Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N\n\n## Impact\nMore than Critical. The system is vulnerable. Exploits are available.\n\n## Step-by-step Reproduction Instructions\n\n1. Navigate to \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588/examples/\nYou will see the standard examples page. Servlets allow to modify cookies and sessions.\n2. Navigate to any non exists address to get the Apache Tomcat version\nE.g. \u2588\u2588\u2588/examples/Readme\n\n## Product, Version, and Configuration (If applicable)\nApache Tomcat/8.5.33\n\n## Suggested Mitigation/Remediation Actions\n1. Upgrade Tomcat\n2. Remove /examples\n3. Change the configuration - display a custom 404 page\n\n## Impact\n\nMore than Critical. The system is vulnerable. Exploits are available.\nIn the An attacker can change session and cookies. Potential sessions interception.\nCVEs: Critical -1, High - 6, Medium - 4", "edition": 2, "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-05-14T19:38:44", "type": "hackerone", "title": "U.S. Dept Of Defense: Tomcat examples available for public, Disclosure Apache Tomcat version, Critical/High/Medium CVE", "bulletinFamily": "bugbounty", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11784", "CVE-2019-0199", "CVE-2019-0221", "CVE-2019-0232", "CVE-2019-10072", "CVE-2019-12418", "CVE-2019-17563", "CVE-2019-2684", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1967"], "modified": "2020-06-11T18:17:21", "id": "H1:874427", "href": "https://hackerone.com/reports/874427", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oracle": [{"lastseen": "2021-10-22T15:44:15", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 329 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ January 2021 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2739494.1>).\n\n**Please note that since the release of the October 2020 Critical Patch Update, Oracle has released a Security Alert for Oracle WebLogic Server: [CVE-2020-14750 (November 1, 2020)](<https://www.oracle.com/security-alerts/alert-cve-2020-14750.html>). Customers are strongly advised to apply this Critical Patch Update, which includes patches for this Alert as well as additional patches.**\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-19T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - January 2021", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2098", "CVE-2015-4000", "CVE-2015-8965", "CVE-2016-1000031", "CVE-2016-5725", "CVE-2017-12626", "CVE-2017-5611", "CVE-2017-5645", "CVE-2017-8028", "CVE-2018-0732", "CVE-2018-10237", "CVE-2018-11775", "CVE-2018-1258", "CVE-2018-1285", "CVE-2018-15756", "CVE-2018-20781", "CVE-2018-2587", "CVE-2018-7318", "CVE-2018-8032", "CVE-2018-9019", "CVE-2019-0188", "CVE-2019-0227", "CVE-2019-0230", "CVE-2019-0233", "CVE-2019-10086", "CVE-2019-10173", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11135", "CVE-2019-11269", "CVE-2019-11358", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-13990", "CVE-2019-14862", "CVE-2019-1551", "CVE-2019-1559", "CVE-2019-17091", "CVE-2019-17195", "CVE-2019-17359", "CVE-2019-17563", "CVE-2019-17566", "CVE-2019-17569", "CVE-2019-20892", "CVE-2019-20907", "CVE-2019-2697", "CVE-2019-3773", "CVE-2019-3778", "CVE-2019-5427", "CVE-2019-7164", "CVE-2019-7548", "CVE-2019-9511", "CVE-2019-9513", "CVE-2020-10531", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10725", "CVE-2020-10726", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11979", "CVE-2020-11984", "CVE-2020-11985", "CVE-2020-11993", "CVE-2020-11994", "CVE-2020-11996", "CVE-2020-11998", "CVE-2020-12723", "CVE-2020-13254", "CVE-2020-13596", "CVE-2020-13871", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-13954", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14147", "CVE-2020-14195", "CVE-2020-14422", "CVE-2020-14750", "CVE-2020-14756", "CVE-2020-14803", "CVE-2020-15025", "CVE-2020-15358", "CVE-2020-17498", "CVE-2020-17521", "CVE-2020-17530", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1945", "CVE-2020-1967", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24583", "CVE-2020-24584", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25020", "CVE-2020-2555", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866", "CVE-2020-26575", "CVE-2020-27216", "CVE-2020-35460", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-5421", "CVE-2020-7064", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8265", "CVE-2020-8277", "CVE-2020-8287", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-1993", "CVE-2021-1994", "CVE-2021-1995", "CVE-2021-1996", "CVE-2021-1997", "CVE-2021-1998", "CVE-2021-1999", "CVE-2021-2000", "CVE-2021-2001", "CVE-2021-2002", "CVE-2021-2003", "CVE-2021-2004", "CVE-2021-2005", "CVE-2021-2006", "CVE-2021-2007", "CVE-2021-2009", "CVE-2021-2010", "CVE-2021-2011", "CVE-2021-2012", "CVE-2021-2013", "CVE-2021-2014", "CVE-2021-2015", "CVE-2021-2016", "CVE-2021-2017", "CVE-2021-2018", "CVE-2021-2019", "CVE-2021-2020", "CVE-2021-2021", "CVE-2021-2022", "CVE-2021-2023", "CVE-2021-2024", "CVE-2021-2025", "CVE-2021-2026", "CVE-2021-2027", "CVE-2021-2028", "CVE-2021-2029", "CVE-2021-2030", "CVE-2021-2031", "CVE-2021-2032", "CVE-2021-2033", "CVE-2021-2034", "CVE-2021-2035", "CVE-2021-2036", "CVE-2021-2038", "CVE-2021-2039", "CVE-2021-2040", "CVE-2021-2041", "CVE-2021-2042", "CVE-2021-2043", "CVE-2021-2044", "CVE-2021-2045", "CVE-2021-2046", "CVE-2021-2047", "CVE-2021-2048", "CVE-2021-2049", "CVE-2021-2050", "CVE-2021-2051", "CVE-2021-2052", "CVE-2021-2054", "CVE-2021-2055", "CVE-2021-2056", "CVE-2021-2057", "CVE-2021-2058", "CVE-2021-2059", "CVE-2021-2060", "CVE-2021-2061", "CVE-2021-2062", "CVE-2021-2063", "CVE-2021-2064", "CVE-2021-2065", "CVE-2021-2066", "CVE-2021-2067", "CVE-2021-2068", "CVE-2021-2069", "CVE-2021-2070", "CVE-2021-2071", "CVE-2021-2072", "CVE-2021-2073", "CVE-2021-2074", "CVE-2021-2075", "CVE-2021-2076", "CVE-2021-2077", "CVE-2021-2078", "CVE-2021-2079", "CVE-2021-2080", "CVE-2021-2081", "CVE-2021-2082", "CVE-2021-2083", "CVE-2021-2084", "CVE-2021-2085", "CVE-2021-2086", "CVE-2021-2087", "CVE-2021-2088", "CVE-2021-2089", "CVE-2021-2090", "CVE-2021-2091", "CVE-2021-2092", "CVE-2021-2093", "CVE-2021-2094", "CVE-2021-2096", "CVE-2021-2097", "CVE-2021-2098", "CVE-2021-2099", "CVE-2021-2100", "CVE-2021-2101", "CVE-2021-2102", "CVE-2021-2103", "CVE-2021-2104", "CVE-2021-2105", "CVE-2021-2106", "CVE-2021-2107", "CVE-2021-2108", "CVE-2021-2109", "CVE-2021-2110", "CVE-2021-2111", "CVE-2021-2112", "CVE-2021-2113", "CVE-2021-2114", "CVE-2021-2115", "CVE-2021-2116", "CVE-2021-2117", "CVE-2021-2118", "CVE-2021-2119", "CVE-2021-2120", "CVE-2021-2121", "CVE-2021-2122", "CVE-2021-2123", "CVE-2021-2124", "CVE-2021-2125", "CVE-2021-2126", "CVE-2021-2127", "CVE-2021-2128", "CVE-2021-2129", "CVE-2021-2130", "CVE-2021-2131"], "modified": "2021-02-22T00:00:00", "id": "ORACLE:CPUJAN2021", "href": "https://www.oracle.com/security-alerts/cpujan2021.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T15:44:17", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 342 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2021 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2788740.1>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-07-20T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - July 2021", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0881", "CVE-2015-0254", "CVE-2016-0762", "CVE-2016-4429", "CVE-2017-14735", "CVE-2017-16931", "CVE-2017-3735", "CVE-2017-5461", "CVE-2017-5637", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-9735", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-15686", "CVE-2018-21010", "CVE-2018-7160", "CVE-2018-7183", "CVE-2019-0190", "CVE-2019-0201", "CVE-2019-0205", "CVE-2019-0210", "CVE-2019-0219", "CVE-2019-0228", "CVE-2019-10086", "CVE-2019-10173", "CVE-2019-10746", "CVE-2019-11358", "CVE-2019-12260", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12973", "CVE-2019-13990", "CVE-2019-15604", "CVE-2019-15605", "CVE-2019-15606", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17195", "CVE-2019-17531", "CVE-2019-17543", "CVE-2019-17545", "CVE-2019-17566", "CVE-2019-20330", "CVE-2019-2725", "CVE-2019-2729", "CVE-2019-2897", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5063", "CVE-2019-5064", "CVE-2020-10543", "CVE-2020-10683", "CVE-2020-10878", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11612", "CVE-2020-11868", "CVE-2020-11973", "CVE-2020-11979", "CVE-2020-11987", "CVE-2020-11988", "CVE-2020-11998", "CVE-2020-12723", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-13949", "CVE-2020-13956", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-14756", "CVE-2020-15389", "CVE-2020-17521", "CVE-2020-17527", "CVE-2020-17530", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1967", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24553", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-2555", "CVE-2020-25638", "CVE-2020-25648", "CVE-2020-25649", "CVE-2020-2604", "CVE-2020-26217", "CVE-2020-26870", "CVE-2020-27193", "CVE-2020-27216", "CVE-2020-27218", "CVE-2020-27783", "CVE-2020-27814", "CVE-2020-27841", "CVE-2020-27842", "CVE-2020-27843", "CVE-2020-27844", "CVE-2020-27845", "CVE-2020-28052", "CVE-2020-28196", "CVE-2020-28928", "CVE-2020-29582", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-5258", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-5413", "CVE-2020-5421", "CVE-2020-7016", "CVE-2020-7017", "CVE-2020-7712", "CVE-2020-7733", "CVE-2020-7760", "CVE-2020-8174", "CVE-2020-8203", "CVE-2020-8277", "CVE-2020-8284", "CVE-2020-8285", "CVE-2020-8286", "CVE-2020-8554", "CVE-2020-8908", "CVE-2020-9484", "CVE-2020-9489", "CVE-2021-20190", "CVE-2021-20227", "CVE-2021-21275", "CVE-2021-21290", "CVE-2021-21341", "CVE-2021-21342", "CVE-2021-21343", "CVE-2021-21344", "CVE-2021-21345", "CVE-2021-21346", "CVE-2021-21347", "CVE-2021-21348", "CVE-2021-21349", "CVE-2021-21350", "CVE-2021-21351", "CVE-2021-21409", "CVE-2021-22112", "CVE-2021-22118", "CVE-2021-2244", "CVE-2021-22876", "CVE-2021-22883", "CVE-2021-22884", "CVE-2021-22890", "CVE-2021-22897", "CVE-2021-22898", "CVE-2021-22901", "CVE-2021-2323", "CVE-2021-2324", "CVE-2021-2326", "CVE-2021-2328", "CVE-2021-2329", "CVE-2021-2330", "CVE-2021-2333", "CVE-2021-23336", "CVE-2021-2334", "CVE-2021-2335", "CVE-2021-2336", "CVE-2021-2337", "CVE-2021-2338", "CVE-2021-2339", "CVE-2021-2340", "CVE-2021-2341", "CVE-2021-2342", "CVE-2021-2343", "CVE-2021-2344", "CVE-2021-2345", "CVE-2021-2346", "CVE-2021-2347", "CVE-2021-2348", "CVE-2021-2349", "CVE-2021-2350", "CVE-2021-2351", "CVE-2021-2352", "CVE-2021-2353", "CVE-2021-2354", "CVE-2021-2355", "CVE-2021-2356", "CVE-2021-2357", "CVE-2021-2358", "CVE-2021-2359", "CVE-2021-2360", "CVE-2021-2361", "CVE-2021-2362", "CVE-2021-2363", "CVE-2021-2364", "CVE-2021-2365", "CVE-2021-2366", "CVE-2021-2367", "CVE-2021-2368", "CVE-2021-2369", "CVE-2021-2370", "CVE-2021-2371", "CVE-2021-2372", "CVE-2021-2373", "CVE-2021-2374", "CVE-2021-2375", "CVE-2021-2376", "CVE-2021-2377", "CVE-2021-2378", "CVE-2021-2380", "CVE-2021-2381", "CVE-2021-2382", "CVE-2021-2383", "CVE-2021-23839", "CVE-2021-2384", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-2385", "CVE-2021-2386", "CVE-2021-2387", "CVE-2021-2388", "CVE-2021-2389", "CVE-2021-2390", "CVE-2021-2391", "CVE-2021-2392", "CVE-2021-2393", "CVE-2021-2394", "CVE-2021-2395", "CVE-2021-2396", "CVE-2021-2397", "CVE-2021-2398", "CVE-2021-2399", "CVE-2021-2400", "CVE-2021-2401", "CVE-2021-2402", "CVE-2021-2403", "CVE-2021-2404", "CVE-2021-2405", "CVE-2021-2406", "CVE-2021-2407", "CVE-2021-2408", "CVE-2021-2409", "CVE-2021-2410", "CVE-2021-2411", "CVE-2021-2412", "CVE-2021-24122", "CVE-2021-2415", "CVE-2021-2417", "CVE-2021-2418", "CVE-2021-2419", "CVE-2021-2420", "CVE-2021-2421", "CVE-2021-2422", "CVE-2021-2423", "CVE-2021-2424", "CVE-2021-2425", "CVE-2021-2426", "CVE-2021-2427", "CVE-2021-2428", "CVE-2021-2429", "CVE-2021-2430", "CVE-2021-2431", "CVE-2021-2432", "CVE-2021-2433", "CVE-2021-2434", "CVE-2021-2435", "CVE-2021-2436", "CVE-2021-2437", "CVE-2021-2438", "CVE-2021-2439", "CVE-2021-2440", "CVE-2021-2441", "CVE-2021-2442", "CVE-2021-2443", "CVE-2021-2444", "CVE-2021-2445", "CVE-2021-2446", "CVE-2021-2447", "CVE-2021-2448", "CVE-2021-2449", "CVE-2021-2450", "CVE-2021-2451", "CVE-2021-2452", "CVE-2021-2453", "CVE-2021-2454", "CVE-2021-2455", "CVE-2021-2456", "CVE-2021-2457", "CVE-2021-2458", "CVE-2021-2460", "CVE-2021-2462", "CVE-2021-2463", "CVE-2021-25122", "CVE-2021-25329", "CVE-2021-26117", "CVE-2021-26271", "CVE-2021-26272", "CVE-2021-27568", "CVE-2021-27807", "CVE-2021-27906", "CVE-2021-28041", "CVE-2021-29921", "CVE-2021-30369", "CVE-2021-30640", "CVE-2021-3156", "CVE-2021-3177", "CVE-2021-31811", "CVE-2021-33037", "CVE-2021-3345", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-3520", "CVE-2021-3560"], "modified": "2021-09-03T00:00:00", "id": "ORACLE:CPUJUL2021", "href": "https://www.oracle.com/security-alerts/cpujul2021.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T15:44:16", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 391 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ April 2021 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2765149.1>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-04-20T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - April 2021", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-2542", "CVE-2016-5725", "CVE-2016-7103", "CVE-2017-1000061", "CVE-2017-12626", "CVE-2017-14735", "CVE-2017-18640", "CVE-2017-5645", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1000632", "CVE-2018-1285", "CVE-2018-14040", "CVE-2018-14041", "CVE-2018-14042", "CVE-2018-14550", "CVE-2018-14613", "CVE-2018-16884", "CVE-2018-20843", "CVE-2018-8032", "CVE-2019-0219", "CVE-2019-0221", "CVE-2019-0227", "CVE-2019-0228", "CVE-2019-0230", "CVE-2019-0232", "CVE-2019-0233", "CVE-2019-10072", "CVE-2019-10080", "CVE-2019-10086", "CVE-2019-10098", "CVE-2019-10173", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10638", "CVE-2019-10639", "CVE-2019-11358", "CVE-2019-11487", "CVE-2019-11599", "CVE-2019-12086", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-12406", "CVE-2019-1241", "CVE-2019-12415", "CVE-2019-12419", "CVE-2019-12423", "CVE-2019-14379", "CVE-2019-14898", "CVE-2019-15218", "CVE-2019-1551", "CVE-2019-16746", "CVE-2019-16942", "CVE-2019-17075", "CVE-2019-17133", "CVE-2019-17195", "CVE-2019-17495", "CVE-2019-17566", "CVE-2019-17571", "CVE-2019-17573", "CVE-2019-17632", "CVE-2019-17638", "CVE-2019-18885", "CVE-2019-19052", "CVE-2019-19063", "CVE-2019-19066", "CVE-2019-19073", "CVE-2019-19074", "CVE-2019-19078", "CVE-2019-19535", "CVE-2019-19922", "CVE-2019-20812", "CVE-2019-2904", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-3773", "CVE-2019-3874", "CVE-2019-3900", "CVE-2019-5063", "CVE-2019-5064", "CVE-2019-5108", "CVE-2019-5428", "CVE-2019-7317", "CVE-2019-8331", "CVE-2020-10188", "CVE-2020-10543", "CVE-2020-10683", "CVE-2020-10751", "CVE-2020-10769", "CVE-2020-10878", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11612", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11973", "CVE-2020-11979", "CVE-2020-11987", "CVE-2020-11994", "CVE-2020-11998", "CVE-2020-12114", "CVE-2020-12723", "CVE-2020-12771", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13871", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-13943", "CVE-2020-13954", "CVE-2020-13956", "CVE-2020-14039", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-1472", "CVE-2020-15358", "CVE-2020-15586", "CVE-2020-16166", "CVE-2020-16845", "CVE-2020-17521", "CVE-2020-17527", "CVE-2020-17530", "CVE-2020-1927", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1967", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24394", "CVE-2020-24553", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25649", "CVE-2020-26217", "CVE-2020-26418", "CVE-2020-26419", "CVE-2020-26420", "CVE-2020-26421", "CVE-2020-26422", "CVE-2020-27193", "CVE-2020-27216", "CVE-2020-27218", "CVE-2020-27223", "CVE-2020-27841", "CVE-2020-27842", "CVE-2020-27843", "CVE-2020-27844", "CVE-2020-27845", "CVE-2020-28052", "CVE-2020-28196", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-5359", "CVE-2020-5360", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-5413", "CVE-2020-5421", "CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7069", "CVE-2020-7760", "CVE-2020-7774", "CVE-2020-7919", "CVE-2020-8203", "CVE-2020-8277", "CVE-2020-8284", "CVE-2020-8285", "CVE-2020-8286", "CVE-2020-8908", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9480", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9489", "CVE-2021-2008", "CVE-2021-20227", "CVE-2021-2053", "CVE-2021-21290", "CVE-2021-2134", "CVE-2021-21345", "CVE-2021-2135", "CVE-2021-2136", "CVE-2021-2140", "CVE-2021-2141", "CVE-2021-2142", "CVE-2021-2144", "CVE-2021-2145", "CVE-2021-2146", "CVE-2021-2147", "CVE-2021-2149", "CVE-2021-2150", "CVE-2021-2151", "CVE-2021-2152", "CVE-2021-2153", "CVE-2021-2154", "CVE-2021-2155", "CVE-2021-2156", "CVE-2021-2157", "CVE-2021-2158", "CVE-2021-2159", "CVE-2021-2160", "CVE-2021-2161", "CVE-2021-2162", "CVE-2021-2163", "CVE-2021-2164", "CVE-2021-2166", "CVE-2021-2167", "CVE-2021-2169", "CVE-2021-2170", "CVE-2021-2171", "CVE-2021-2172", "CVE-2021-2173", "CVE-2021-2174", "CVE-2021-2175", "CVE-2021-2177", "CVE-2021-2178", "CVE-2021-2179", "CVE-2021-2180", "CVE-2021-2181", "CVE-2021-2182", "CVE-2021-2183", "CVE-2021-2184", "CVE-2021-2185", "CVE-2021-2186", "CVE-2021-2187", "CVE-2021-2188", "CVE-2021-2189", "CVE-2021-2190", "CVE-2021-2191", "CVE-2021-2192", "CVE-2021-2193", "CVE-2021-2194", "CVE-2021-2195", "CVE-2021-2196", "CVE-2021-2197", "CVE-2021-2198", "CVE-2021-2199", "CVE-2021-2200", "CVE-2021-2201", "CVE-2021-2202", "CVE-2021-2203", "CVE-2021-2204", "CVE-2021-2205", "CVE-2021-2206", "CVE-2021-2207", "CVE-2021-2208", "CVE-2021-2209", "CVE-2021-2210", "CVE-2021-2211", "CVE-2021-22112", "CVE-2021-2212", "CVE-2021-2213", "CVE-2021-2214", "CVE-2021-2215", "CVE-2021-2216", "CVE-2021-2217", "CVE-2021-22173", "CVE-2021-22174", "CVE-2021-2218", "CVE-2021-2219", "CVE-2021-22191", "CVE-2021-2220", "CVE-2021-2221", "CVE-2021-2222", "CVE-2021-2223", "CVE-2021-2224", "CVE-2021-2225", "CVE-2021-2226", "CVE-2021-2227", "CVE-2021-2228", "CVE-2021-2229", "CVE-2021-2230", "CVE-2021-2231", "CVE-2021-2232", "CVE-2021-2233", "CVE-2021-2234", "CVE-2021-2235", "CVE-2021-2236", "CVE-2021-2237", "CVE-2021-2238", "CVE-2021-2239", "CVE-2021-2240", "CVE-2021-2241", "CVE-2021-2242", "CVE-2021-2244", "CVE-2021-2245", "CVE-2021-2246", "CVE-2021-2247", "CVE-2021-2248", "CVE-2021-2249", "CVE-2021-2250", "CVE-2021-2251", "CVE-2021-2252", "CVE-2021-2253", "CVE-2021-2254", "CVE-2021-2255", "CVE-2021-2256", "CVE-2021-2257", "CVE-2021-2258", "CVE-2021-2259", "CVE-2021-2260", "CVE-2021-2261", "CVE-2021-2262", "CVE-2021-2263", "CVE-2021-2264", "CVE-2021-2266", "CVE-2021-2267", "CVE-2021-2268", "CVE-2021-2269", "CVE-2021-2270", "CVE-2021-2271", "CVE-2021-2272", "CVE-2021-2273", "CVE-2021-2274", "CVE-2021-2275", "CVE-2021-2276", "CVE-2021-2277", "CVE-2021-2278", "CVE-2021-2279", "CVE-2021-2280", "CVE-2021-2281", "CVE-2021-2282", "CVE-2021-2283", "CVE-2021-2284", "CVE-2021-2285", "CVE-2021-2286", "CVE-2021-2287", "CVE-2021-2288", "CVE-2021-22883", "CVE-2021-22884", "CVE-2021-2289", "CVE-2021-2290", "CVE-2021-2291", "CVE-2021-2292", "CVE-2021-2293", "CVE-2021-2294", "CVE-2021-2295", "CVE-2021-2296", "CVE-2021-2297", "CVE-2021-2298", "CVE-2021-2299", "CVE-2021-2300", "CVE-2021-2301", "CVE-2021-2302", "CVE-2021-2303", "CVE-2021-2304", "CVE-2021-2305", "CVE-2021-2306", "CVE-2021-2307", "CVE-2021-2308", "CVE-2021-2309", "CVE-2021-2310", "CVE-2021-2311", "CVE-2021-2312", "CVE-2021-2314", "CVE-2021-2315", "CVE-2021-2316", "CVE-2021-2317", "CVE-2021-2318", "CVE-2021-2319", "CVE-2021-2320", "CVE-2021-2321", "CVE-2021-23336", "CVE-2021-23839", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-3449", "CVE-2021-3450"], "modified": "2021-09-04T00:00:00", "id": "ORACLE:CPUAPR2021", "href": "https://www.oracle.com/security-alerts/cpuapr2021.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-01-19T11:29:27", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 419 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2021 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2809080.1>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2021-10-19T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - October 2021", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-0762", "CVE-2016-1000031", "CVE-2016-2183", "CVE-2016-5018", "CVE-2016-6794", "CVE-2016-6796", "CVE-2016-6797", "CVE-2017-5645", "CVE-2017-9841", "CVE-2018-10237", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-1270", "CVE-2018-1271", "CVE-2018-1272", "CVE-2018-1275", "CVE-2018-14550", "CVE-2018-15756", "CVE-2018-20031", "CVE-2018-20032", "CVE-2018-20033", "CVE-2018-20034", "CVE-2018-20843", "CVE-2018-8032", "CVE-2018-8088", "CVE-2019-0227", "CVE-2019-0228", "CVE-2019-0230", "CVE-2019-0233", "CVE-2019-10082", "CVE-2019-10086", "CVE-2019-11358", "CVE-2019-12400", "CVE-2019-12415", "CVE-2019-13990", "CVE-2019-16775", "CVE-2019-17195", "CVE-2019-17566", "CVE-2019-17567", "CVE-2019-20388", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5427", "CVE-2019-7317", "CVE-2020-10543", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11979", "CVE-2020-11987", "CVE-2020-11988", "CVE-2020-11994", "CVE-2020-11998", "CVE-2020-12723", "CVE-2020-13947", "CVE-2020-13950", "CVE-2020-13954", "CVE-2020-13956", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-15824", "CVE-2020-17521", "CVE-2020-17530", "CVE-2020-1945", "CVE-2020-1967", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-24977", "CVE-2020-25648", "CVE-2020-25649", "CVE-2020-26116", "CVE-2020-26137", "CVE-2020-26217", "CVE-2020-27193", "CVE-2020-27216", "CVE-2020-27218", "CVE-2020-27824", "CVE-2020-28052", "CVE-2020-28500", "CVE-2020-28928", "CVE-2020-29661", "CVE-2020-35452", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-5258", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-5413", "CVE-2020-6950", "CVE-2020-7065", "CVE-2020-7069", "CVE-2020-7071", "CVE-2020-7226", "CVE-2020-7595", "CVE-2020-8203", "CVE-2020-8277", "CVE-2020-8622", "CVE-2020-8908", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-20227", "CVE-2021-20265", "CVE-2021-21290", "CVE-2021-21341", "CVE-2021-21342", "CVE-2021-21343", "CVE-2021-21344", "CVE-2021-21345", "CVE-2021-21346", "CVE-2021-21347", "CVE-2021-21348", "CVE-2021-21349", "CVE-2021-21350", "CVE-2021-21351", "CVE-2021-2137", "CVE-2021-21409", "CVE-2021-21702", "CVE-2021-21783", "CVE-2021-22112", "CVE-2021-22118", "CVE-2021-22207", "CVE-2021-22222", "CVE-2021-22696", "CVE-2021-22883", "CVE-2021-22884", "CVE-2021-22922", "CVE-2021-22923", "CVE-2021-22924", "CVE-2021-22925", "CVE-2021-22926", "CVE-2021-22931", "CVE-2021-22939", "CVE-2021-22940", "CVE-2021-22945", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-23017", "CVE-2021-2332", "CVE-2021-23336", "CVE-2021-23337", "CVE-2021-2341", "CVE-2021-2351", "CVE-2021-2369", "CVE-2021-23839", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-2388", "CVE-2021-23926", "CVE-2021-2414", "CVE-2021-2416", "CVE-2021-2432", "CVE-2021-2461", "CVE-2021-2471", "CVE-2021-2474", "CVE-2021-2475", "CVE-2021-2476", "CVE-2021-2477", "CVE-2021-2478", "CVE-2021-2479", "CVE-2021-2480", "CVE-2021-2481", "CVE-2021-2482", "CVE-2021-2483", "CVE-2021-2484", "CVE-2021-2485", "CVE-2021-25122", "CVE-2021-25215", "CVE-2021-25329", "CVE-2021-26117", "CVE-2021-26271", "CVE-2021-26272", "CVE-2021-26690", "CVE-2021-26691", "CVE-2021-27290", "CVE-2021-27364", "CVE-2021-27365", "CVE-2021-27807", "CVE-2021-27906", "CVE-2021-28163", "CVE-2021-28164", "CVE-2021-28165", "CVE-2021-28169", "CVE-2021-28363", "CVE-2021-28657", "CVE-2021-28957", "CVE-2021-29425", "CVE-2021-29505", "CVE-2021-29921", "CVE-2021-30369", "CVE-2021-30468", "CVE-2021-30640", "CVE-2021-30641", "CVE-2021-3156", "CVE-2021-31618", "CVE-2021-3177", "CVE-2021-31811", "CVE-2021-31812", "CVE-2021-32803", "CVE-2021-32804", "CVE-2021-32808", "CVE-2021-32809", "CVE-2021-33037", "CVE-2021-33503", "CVE-2021-33560", "CVE-2021-3426", "CVE-2021-34428", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-34558", "CVE-2021-35043", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3520", "CVE-2021-3522", "CVE-2021-3537", "CVE-2021-35515", "CVE-2021-35516", "CVE-2021-35517", "CVE-2021-35536", "CVE-2021-35537", "CVE-2021-35538", "CVE-2021-35539", "CVE-2021-35540", "CVE-2021-35541", "CVE-2021-35542", "CVE-2021-35543", "CVE-2021-35545", "CVE-2021-35546", "CVE-2021-35549", "CVE-2021-35550", "CVE-2021-35551", "CVE-2021-35552", "CVE-2021-35553", "CVE-2021-35554", "CVE-2021-35556", "CVE-2021-35557", "CVE-2021-35558", "CVE-2021-35559", "CVE-2021-35560", "CVE-2021-35561", "CVE-2021-35562", "CVE-2021-35563", "CVE-2021-35564", "CVE-2021-35565", "CVE-2021-35566", "CVE-2021-35567", "CVE-2021-35568", "CVE-2021-35569", "CVE-2021-35570", "CVE-2021-35571", "CVE-2021-35572", "CVE-2021-35573", "CVE-2021-35574", "CVE-2021-35575", "CVE-2021-35576", "CVE-2021-35577", "CVE-2021-35578", "CVE-2021-35580", "CVE-2021-35581", "CVE-2021-35582", "CVE-2021-35583", "CVE-2021-35584", "CVE-2021-35585", "CVE-2021-35586", "CVE-2021-35588", "CVE-2021-35589", "CVE-2021-35590", "CVE-2021-35591", "CVE-2021-35592", "CVE-2021-35593", "CVE-2021-35594", "CVE-2021-35595", "CVE-2021-35596", "CVE-2021-35597", "CVE-2021-35598", "CVE-2021-35599", "CVE-2021-35601", "CVE-2021-35602", "CVE-2021-35603", "CVE-2021-35604", "CVE-2021-35606", "CVE-2021-35607", "CVE-2021-35608", "CVE-2021-35609", "CVE-2021-35610", "CVE-2021-35611", "CVE-2021-35612", "CVE-2021-35613", "CVE-2021-35616", "CVE-2021-35617", "CVE-2021-35618", "CVE-2021-35619", "CVE-2021-35620", "CVE-2021-35621", "CVE-2021-35622", "CVE-2021-35623", "CVE-2021-35624", "CVE-2021-35625", "CVE-2021-35626", "CVE-2021-35627", "CVE-2021-35628", "CVE-2021-35629", "CVE-2021-35630", "CVE-2021-35631", "CVE-2021-35632", "CVE-2021-35633", "CVE-2021-35634", "CVE-2021-35635", "CVE-2021-35636", "CVE-2021-35637", "CVE-2021-35638", "CVE-2021-35639", "CVE-2021-35640", "CVE-2021-35641", "CVE-2021-35642", "CVE-2021-35643", "CVE-2021-35644", "CVE-2021-35645", "CVE-2021-35646", "CVE-2021-35647", "CVE-2021-35648", "CVE-2021-35649", "CVE-2021-35650", "CVE-2021-35651", "CVE-2021-35652", "CVE-2021-35653", "CVE-2021-35654", "CVE-2021-35655", "CVE-2021-35656", "CVE-2021-35657", "CVE-2021-35658", "CVE-2021-35659", "CVE-2021-35660", "CVE-2021-35661", "CVE-2021-35662", "CVE-2021-35665", "CVE-2021-35666", "CVE-2021-36090", "CVE-2021-36222", "CVE-2021-36373", "CVE-2021-36374", "CVE-2021-3711", "CVE-2021-3712", "CVE-2021-37695", "CVE-2021-37701", "CVE-2021-37712", "CVE-2021-37713", "CVE-2021-39134", "CVE-2021-39135"], "modified": "2022-01-18T00:00:00", "id": "ORACLE:CPUOCT2021", "href": "https://www.oracle.com/security-alerts/cpuoct2021.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T15:44:19", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Please refer to:\n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/security-alerts>) for information about Oracle Security advisories.\n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 444 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2020 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2684313.1>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-07-14T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - July 2020", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7501", "CVE-2015-8607", "CVE-2015-8608", "CVE-2015-9251", "CVE-2016-0701", "CVE-2016-1000031", "CVE-2016-1181", "CVE-2016-1182", "CVE-2016-1923", "CVE-2016-1924", "CVE-2016-2183", "CVE-2016-2381", "CVE-2016-3183", "CVE-2016-4000", "CVE-2016-4796", "CVE-2016-4797", "CVE-2016-5017", "CVE-2016-5019", "CVE-2016-6306", "CVE-2016-6814", "CVE-2016-8332", "CVE-2016-8610", "CVE-2016-9112", "CVE-2016-9840", "CVE-2016-9841", "CVE-2016-9842", "CVE-2016-9843", "CVE-2017-0861", "CVE-2017-10140", "CVE-2017-12610", "CVE-2017-12626", "CVE-2017-12814", "CVE-2017-12837", "CVE-2017-12883", "CVE-2017-15265", "CVE-2017-15708", "CVE-2017-5637", "CVE-2017-5645", "CVE-2018-1000004", "CVE-2018-1000632", "CVE-2018-10237", "CVE-2018-10675", "CVE-2018-10872", "CVE-2018-10901", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-11054", "CVE-2018-11055", "CVE-2018-11056", "CVE-2018-11057", "CVE-2018-11058", "CVE-2018-11776", "CVE-2018-1199", "CVE-2018-12015", "CVE-2018-12023", "CVE-2018-12207", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-1270", "CVE-2018-1271", "CVE-2018-1272", "CVE-2018-1275", "CVE-2018-1288", "CVE-2018-15756", "CVE-2018-15769", "CVE-2018-17190", "CVE-2018-17196", "CVE-2018-18311", "CVE-2018-18312", "CVE-2018-18313", "CVE-2018-18314", "CVE-2018-3620", "CVE-2018-3639", "CVE-2018-3646", "CVE-2018-3665", "CVE-2018-3693", "CVE-2018-5390", "CVE-2018-6616", "CVE-2018-6797", "CVE-2018-6798", "CVE-2018-6913", "CVE-2018-7566", "CVE-2018-8012", "CVE-2018-8013", "CVE-2018-8032", "CVE-2018-8088", "CVE-2019-0188", "CVE-2019-0201", "CVE-2019-0220", "CVE-2019-0222", "CVE-2019-0227", "CVE-2019-10081", "CVE-2019-10082", "CVE-2019-10086", "CVE-2019-10092", "CVE-2019-10097", "CVE-2019-10192", "CVE-2019-10193", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-11358", "CVE-2019-12086", "CVE-2019-12384", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12423", "CVE-2019-12814", "CVE-2019-12973", "CVE-2019-13990", "CVE-2019-14379", "CVE-2019-14439", "CVE-2019-14540", "CVE-2019-14862", "CVE-2019-14893", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1551", "CVE-2019-1552", "CVE-2019-1563", "CVE-2019-16056", "CVE-2019-16335", "CVE-2019-16935", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17091", "CVE-2019-17267", "CVE-2019-17359", "CVE-2019-17531", "CVE-2019-17560", "CVE-2019-17561", "CVE-2019-17563", "CVE-2019-17569", "CVE-2019-17571", "CVE-2019-17573", "CVE-2019-19956", "CVE-2019-20330", "CVE-2019-20388", "CVE-2019-2094", "CVE-2019-2725", "CVE-2019-2729", "CVE-2019-2904", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5427", "CVE-2019-5489", "CVE-2019-8457", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14527", "CVE-2020-14528", "CVE-2020-14529", "CVE-2020-14530", "CVE-2020-14531", "CVE-2020-14532", "CVE-2020-14533", "CVE-2020-14534", "CVE-2020-14535", "CVE-2020-14536", "CVE-2020-14537", "CVE-2020-14539", "CVE-2020-14540", "CVE-2020-14541", "CVE-2020-14542", "CVE-2020-14543", "CVE-2020-14544", "CVE-2020-14545", "CVE-2020-14546", "CVE-2020-14547", "CVE-2020-14548", "CVE-2020-14549", "CVE-2020-14550", "CVE-2020-14551", "CVE-2020-14552", "CVE-2020-14553", "CVE-2020-14554", "CVE-2020-14555", "CVE-2020-14556", "CVE-2020-14557", "CVE-2020-14558", "CVE-2020-14559", "CVE-2020-14560", "CVE-2020-14561", "CVE-2020-14562", "CVE-2020-14563", "CVE-2020-14564", "CVE-2020-14565", "CVE-2020-14566", "CVE-2020-14567", "CVE-2020-14568", "CVE-2020-14569", "CVE-2020-14570", "CVE-2020-14571", "CVE-2020-14572", "CVE-2020-14573", "CVE-2020-14574", "CVE-2020-14575", "CVE-2020-14576", "CVE-2020-14577", "CVE-2020-14578", "CVE-2020-14579", "CVE-2020-14580", "CVE-2020-14581", "CVE-2020-14582", "CVE-2020-14583", "CVE-2020-14584", "CVE-2020-14585", "CVE-2020-14586", "CVE-2020-14587", "CVE-2020-14588", "CVE-2020-14589", "CVE-2020-14590", "CVE-2020-14591", "CVE-2020-14592", "CVE-2020-14593", "CVE-2020-14594", "CVE-2020-14595", "CVE-2020-14596", "CVE-2020-14597", "CVE-2020-14598", "CVE-2020-14599", "CVE-2020-14600", "CVE-2020-14601", "CVE-2020-14602", "CVE-2020-14603", "CVE-2020-14604", "CVE-2020-14605", "CVE-2020-14606", "CVE-2020-14607", "CVE-2020-14608", "CVE-2020-14609", "CVE-2020-14610", "CVE-2020-14611", "CVE-2020-14612", "CVE-2020-14613", "CVE-2020-14614", "CVE-2020-14615", "CVE-2020-14616", "CVE-2020-14617", "CVE-2020-14618", "CVE-2020-14619", "CVE-2020-14620", "CVE-2020-14621", "CVE-2020-14622", "CVE-2020-14623", "CVE-2020-14624", "CVE-2020-14625", "CVE-2020-14626", "CVE-2020-14627", "CVE-2020-14628", "CVE-2020-14629", "CVE-2020-14630", "CVE-2020-14631", "CVE-2020-14632", "CVE-2020-14633", "CVE-2020-14634", "CVE-2020-14635", "CVE-2020-14636", "CVE-2020-14637", "CVE-2020-14638", "CVE-2020-14639", "CVE-2020-14640", "CVE-2020-14641", "CVE-2020-14642", "CVE-2020-14643", "CVE-2020-14644", "CVE-2020-14645", "CVE-2020-14646", "CVE-2020-14647", "CVE-2020-14648", "CVE-2020-14649", "CVE-2020-14650", "CVE-2020-14651", "CVE-2020-14652", "CVE-2020-14653", "CVE-2020-14654", "CVE-2020-14655", "CVE-2020-14656", "CVE-2020-14657", "CVE-2020-14658", "CVE-2020-14659", "CVE-2020-14660", "CVE-2020-14661", "CVE-2020-14662", "CVE-2020-14663", "CVE-2020-14664", "CVE-2020-14665", "CVE-2020-14666", "CVE-2020-14667", "CVE-2020-14668", "CVE-2020-14669", "CVE-2020-14670", "CVE-2020-14671", "CVE-2020-14673", "CVE-2020-14674", "CVE-2020-14675", "CVE-2020-14676", "CVE-2020-14677", "CVE-2020-14678", "CVE-2020-14679", "CVE-2020-14680", "CVE-2020-14681", "CVE-2020-14682", "CVE-2020-14684", "CVE-2020-14685", "CVE-2020-14686", "CVE-2020-14687", "CVE-2020-14688", "CVE-2020-14690", "CVE-2020-14691", "CVE-2020-14692", "CVE-2020-14693", "CVE-2020-14694", "CVE-2020-14695", "CVE-2020-14696", "CVE-2020-14697", "CVE-2020-14698", "CVE-2020-14699", "CVE-2020-14700", "CVE-2020-14701", "CVE-2020-14702", "CVE-2020-14703", "CVE-2020-14704", "CVE-2020-14705", "CVE-2020-14706", "CVE-2020-14707", "CVE-2020-14708", "CVE-2020-14709", "CVE-2020-14710", "CVE-2020-14711", "CVE-2020-14712", "CVE-2020-14713", "CVE-2020-14714", "CVE-2020-14715", "CVE-2020-14716", "CVE-2020-14717", "CVE-2020-14718", "CVE-2020-14719", "CVE-2020-14720", "CVE-2020-14721", "CVE-2020-14722", "CVE-2020-14723", "CVE-2020-14724", "CVE-2020-14725", "CVE-2020-1927", "CVE-2020-1934", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1950", "CVE-2020-1951", "CVE-2020-1967", "CVE-2020-2513", "CVE-2020-2555", "CVE-2020-2562", "CVE-2020-2966", "CVE-2020-2967", "CVE-2020-2968", "CVE-2020-2969", "CVE-2020-2971", "CVE-2020-2972", "CVE-2020-2973", "CVE-2020-2974", "CVE-2020-2975", "CVE-2020-2976", "CVE-2020-2977", "CVE-2020-2978", "CVE-2020-2981", "CVE-2020-2982", "CVE-2020-2983", "CVE-2020-2984", "CVE-2020-5258", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-6851", "CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7595", "CVE-2020-8112", "CVE-2020-8172", "CVE-2020-9327", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-12-01T00:00:00", "id": "ORACLE:CPUJUL2020", "href": "https://www.oracle.com/security-alerts/cpujul2020.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-22T15:44:16", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n \nStarting with the October 2020 Critical Patch Update, Oracle lists updates that address vulnerabilities in third-party components which are not exploitable in the context of their inclusion in their respective Oracle product beneath the product's risk matrix. Oracle has published two versions of the October 2020 Critical Patch Update Advisory: this version of the advisory implemented the change in how non-exploitable vulnerabilities in third-party components are reported, and the \u201ctraditional\u201d advisory follows the same format as the previous advisories. The \u201ctraditional\u201d advisory is published at <https://www.oracle.com/security-alerts/cpuoct2020traditional.html>. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 403 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2020 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2712240.1>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 10.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 6.0}, "published": "2020-10-20T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - October 2020", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-7285", "CVE-2015-1832", "CVE-2015-9251", "CVE-2016-0701", "CVE-2016-1000031", "CVE-2016-1000338", "CVE-2016-1000339", "CVE-2016-1000340", "CVE-2016-1000341", "CVE-2016-1000342", "CVE-2016-1000343", "CVE-2016-1000344", "CVE-2016-1000345", "CVE-2016-1000346", "CVE-2016-1000352", "CVE-2016-10244", "CVE-2016-10328", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-2183", "CVE-2016-2510", "CVE-2016-3189", "CVE-2016-4800", "CVE-2016-5000", "CVE-2016-5300", "CVE-2016-5725", "CVE-2016-6153", "CVE-2016-6306", "CVE-2016-8610", "CVE-2016-8734", "CVE-2017-10989", "CVE-2017-12626", "CVE-2017-13098", "CVE-2017-13685", "CVE-2017-13745", "CVE-2017-14232", "CVE-2017-15095", "CVE-2017-15286", "CVE-2017-17485", "CVE-2017-3164", "CVE-2017-5644", "CVE-2017-5645", "CVE-2017-5662", "CVE-2017-7525", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-7857", "CVE-2017-7858", "CVE-2017-7864", "CVE-2017-8105", "CVE-2017-8287", "CVE-2017-9096", "CVE-2017-9735", "CVE-2017-9800", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1000873", "CVE-2018-11054", "CVE-2018-11055", "CVE-2018-11056", "CVE-2018-11057", "CVE-2018-11058", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-12536", "CVE-2018-12538", "CVE-2018-12545", "CVE-2018-14718", "CVE-2018-15769", "CVE-2018-17196", "CVE-2018-18873", "CVE-2018-19139", "CVE-2018-19539", "CVE-2018-19540", "CVE-2018-19541", "CVE-2018-19542", "CVE-2018-19543", "CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2018-20570", "CVE-2018-20584", "CVE-2018-20622", "CVE-2018-20843", "CVE-2018-2765", "CVE-2018-3693", "CVE-2018-5382", "CVE-2018-5968", "CVE-2018-6942", "CVE-2018-7489", "CVE-2018-8013", "CVE-2018-8088", "CVE-2018-8740", "CVE-2018-9055", "CVE-2018-9154", "CVE-2018-9252", "CVE-2019-0192", "CVE-2019-0201", "CVE-2019-10072", "CVE-2019-10097", "CVE-2019-1010239", "CVE-2019-10173", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11048", "CVE-2019-11358", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11834", "CVE-2019-11835", "CVE-2019-11922", "CVE-2019-12086", "CVE-2019-12260", "CVE-2019-12261", "CVE-2019-12384", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12419", "CVE-2019-12423", "CVE-2019-12814", "CVE-2019-12900", "CVE-2019-13990", "CVE-2019-14379", "CVE-2019-14540", "CVE-2019-14893", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1552", "CVE-2019-1563", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17091", "CVE-2019-17267", "CVE-2019-17359", "CVE-2019-17495", "CVE-2019-17531", "CVE-2019-17543", "CVE-2019-17558", "CVE-2019-17569", "CVE-2019-17632", "CVE-2019-17638", "CVE-2019-18348", "CVE-2019-20330", "CVE-2019-2897", "CVE-2019-2904", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5018", "CVE-2019-5427", "CVE-2019-5435", "CVE-2019-5436", "CVE-2019-5443", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-8457", "CVE-2019-9511", "CVE-2019-9513", "CVE-2019-9936", "CVE-2019-9937", "CVE-2020-10108", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11984", "CVE-2020-11993", "CVE-2020-11996", "CVE-2020-12243", "CVE-2020-12723", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-13920", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-14672", "CVE-2020-14731", "CVE-2020-14732", "CVE-2020-14734", "CVE-2020-14735", "CVE-2020-14736", "CVE-2020-14740", "CVE-2020-14741", "CVE-2020-14742", "CVE-2020-14743", "CVE-2020-14744", "CVE-2020-14745", "CVE-2020-14746", "CVE-2020-14752", "CVE-2020-14753", "CVE-2020-14754", "CVE-2020-14757", "CVE-2020-14758", "CVE-2020-14759", "CVE-2020-14760", "CVE-2020-14761", "CVE-2020-14762", "CVE-2020-14763", "CVE-2020-14764", "CVE-2020-14765", "CVE-2020-14766", "CVE-2020-14767", "CVE-2020-14768", "CVE-2020-14769", "CVE-2020-14770", "CVE-2020-14771", "CVE-2020-14772", "CVE-2020-14773", "CVE-2020-14774", "CVE-2020-14775", "CVE-2020-14776", "CVE-2020-14777", "CVE-2020-14778", "CVE-2020-14779", "CVE-2020-14780", "CVE-2020-14781", "CVE-2020-14782", "CVE-2020-14783", "CVE-2020-14784", "CVE-2020-14785", "CVE-2020-14786", "CVE-2020-14787", "CVE-2020-14788", "CVE-2020-14789", "CVE-2020-14790", "CVE-2020-14791", "CVE-2020-14792", "CVE-2020-14793", "CVE-2020-14794", "CVE-2020-14795", "CVE-2020-14796", "CVE-2020-14797", "CVE-2020-14798", "CVE-2020-14799", "CVE-2020-14800", "CVE-2020-14801", "CVE-2020-14802", "CVE-2020-14803", "CVE-2020-14804", "CVE-2020-14805", "CVE-2020-14806", "CVE-2020-14807", "CVE-2020-14808", "CVE-2020-14809", "CVE-2020-14810", "CVE-2020-14811", "CVE-2020-14812", "CVE-2020-14813", "CVE-2020-14814", "CVE-2020-14815", "CVE-2020-14816", "CVE-2020-14817", "CVE-2020-14818", "CVE-2020-14819", "CVE-2020-14820", "CVE-2020-14821", "CVE-2020-14822", "CVE-2020-14823", "CVE-2020-14824", "CVE-2020-14825", "CVE-2020-14826", "CVE-2020-14827", "CVE-2020-14828", "CVE-2020-14829", "CVE-2020-14830", "CVE-2020-14831", "CVE-2020-14832", "CVE-2020-14833", "CVE-2020-14834", "CVE-2020-14835", "CVE-2020-14836", "CVE-2020-14837", "CVE-2020-14838", "CVE-2020-14839", "CVE-2020-14840", "CVE-2020-14841", "CVE-2020-14842", "CVE-2020-14843", "CVE-2020-14844", "CVE-2020-14845", "CVE-2020-14846", "CVE-2020-14847", "CVE-2020-14848", "CVE-2020-14849", "CVE-2020-14850", "CVE-2020-14851", "CVE-2020-14852", "CVE-2020-14853", "CVE-2020-14854", "CVE-2020-14855", "CVE-2020-14856", "CVE-2020-14857", "CVE-2020-14858", "CVE-2020-14859", "CVE-2020-14860", "CVE-2020-14861", "CVE-2020-14862", "CVE-2020-14863", "CVE-2020-14864", "CVE-2020-14865", "CVE-2020-14866", "CVE-2020-14867", "CVE-2020-14868", "CVE-2020-14869", "CVE-2020-14870", "CVE-2020-14871", "CVE-2020-14872", "CVE-2020-14873", "CVE-2020-14875", "CVE-2020-14876", "CVE-2020-14877", "CVE-2020-14878", "CVE-2020-14879", "CVE-2020-14880", "CVE-2020-14881", "CVE-2020-14882", "CVE-2020-14883", "CVE-2020-14884", "CVE-2020-14885", "CVE-2020-14886", "CVE-2020-14887", "CVE-2020-14888", "CVE-2020-14889", "CVE-2020-14890", "CVE-2020-14891", "CVE-2020-14892", "CVE-2020-14893", "CVE-2020-14894", "CVE-2020-14895", "CVE-2020-14896", "CVE-2020-14897", "CVE-2020-14898", "CVE-2020-14899", "CVE-2020-14900", "CVE-2020-14901", "CVE-2020-15358", "CVE-2020-15389", "CVE-2020-1730", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1950", "CVE-2020-1951", "CVE-2020-1953", "CVE-2020-1954", "CVE-2020-1967", "CVE-2020-2555", "CVE-2020-3235", "CVE-2020-3909", "CVE-2020-4051", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-7067", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8840", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9409", "CVE-2020-9410", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9489", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "modified": "2020-12-08T00:00:00", "id": "ORACLE:CPUOCT2020", "href": "https://www.oracle.com/security-alerts/cpuoct2020.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}