SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:1833-1)

2022-05-25T00:00:00

Description

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1833-1 advisory. - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities. (CVE-2017-16932) - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

{"id": "SUSE_SU-2022-1833-1.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:1833-1)", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1833-1 advisory.\n\n - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.\n (CVE-2017-16932)\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2022-05-25T00:00:00", "modified": "2023-03-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0}, "severity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": true, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "https://www.tenable.com/plugins/nessus/161498", "reporter": "This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://www.suse.com/security/cve/CVE-2017-16932", "https://bugzilla.suse.com/1069689", "http://www.nessus.org/u?168bc211", "https://bugzilla.suse.com/1199132", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16932", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824", "https://www.suse.com/security/cve/CVE-2022-29824"], "cvelist": ["CVE-2017-16932", "CVE-2022-29824"], "immutableFields": [], "lastseen": "2023-03-10T19:19:12", "viewCount": 16, "enchantments": {"score": {"value": 0.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["LIBXML2_ADVISORY3.ASC"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2022-29824"]}, {"type": "amazon", "idList": ["ALAS2-2022-1848"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:534706586AA8B2BA233C6A2A618BD6A0", "CFOUNDRY:AEFE1E0FB78D2D1BC82159C0749C81D8", "CFOUNDRY:C0E674F38966607B2B6B03C0AB944275"]}, {"type": "cve", "idList": ["CVE-2017-16932", "CVE-2022-29824"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1194-1:E9867", "DEBIAN:DLA-2972-1:3A4A8", "DEBIAN:DLA-3012-1:209F3", "DEBIAN:DSA-5142-1:ACFFF"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2017-16932", "DEBIANCVE:CVE-2022-29824"]}, {"type": "fedora", "idList": ["FEDORA:4EE8E309D3ED", "FEDORA:90A7630A2C09", "FEDORA:E5FD830AAF2E"]}, {"type": "freebsd", "idList": ["D1E9D8C5-839B-11E8-9610-9C5C8E75236A"]}, {"type": "gentoo", "idList": ["GLSA-202210-03"]}, {"type": "github", "idList": ["GHSA-CGX6-HPWQ-FHV5"]}, {"type": "hackerone", "idList": ["H1:293126"]}, {"type": "ibm", "idList": ["0DDFB99CB8C38EE3AD681E1DDB584ED5008E60962834E9D1EA19DCDBB6940E62", "1695654077F888DBA5D74372BE319A101D1D52DECCCA129B96319385DBC072A0", "2B30B05D895F5EAB2757C70EC42922909454320880E9FB137EE4C5D446813B18", "30DC450AABD11109A70A2AFC8BA5DC8E8DEFDC385B32C17C4EE2BE3BF55721AB", "3F43444F946B02BFDB903A1AAF3D8C43D59EF40358F854CDC9829F77FF6F461E", "5F9F98B63CFA9F3BAFF7D46D1027876C47FA88574428F66B0F6A8E0196B8F39D", "6949963E8F8CDBBF076CCA42C1B972D8C4F8D8949B9544DFC6B3726DC3985FF2", "6E896C3EA4E119BB94E79619FA7DDA4DD85C924131CFD25FA41D57AE7BF850C4", "734EC285934823350B857E9363520A0225A34B3997BFDBC90357A130A4A91E29", "75C113431E513074D4D209CC5AC455FE9F61680A636C3E65E4D9B0CCFE8418FE", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "80AAF4A30BE5F1921DC1F8A0F5E3FCE4216BB1E2506D45A0C54426AE990BED7B", "8AF09D39919DFCEDA59D30328E778381C2630CD9C097879DBB5204834A432A43", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "AE567113545218823FAE52D3A477168F041C0F35D4EE0A605E4BEBE15225DAAD", "C9A62458FFCDA7D13068BA51A14F3364875030AD9E3379B54C1EB8EAA4DD8D49", "CC5F277D3ACAE3335BA730A0207062A84F97F8B011460F964107C4802703541B", "E228AE26D557AC2FB8C5AF13926D0970F3BAC5922DC3700312E52FD8E2BD1B47", "E23B2B70071C87B4B30F175BDFB816A59FF7F9127F0905729A27B7EF44524CBC", "EDA97EBBBEA29BD927C5821F3DA34F8BBC9B79F096B723860103434EBF1FD979", "F464CD623938E5ED5C85F50E078DBCBF19517CD5B7572A8280ED5A806C4AB47B"]}, {"type": "mageia", "idList": ["MGASA-2018-0048", "MGASA-2018-0050", "MGASA-2022-0177"]}, {"type": "nessus", "idList": ["AIX_IJ42339.NASL", "AIX_IJ42341.NASL", "AIX_IJ42381.NASL", "AL2022_ALAS2022-2022-068.NASL", "AL2022_ALAS2022-2022-198.NASL", "AL2_ALAS-2022-1848.NASL", "ALMA_LINUX_ALSA-2022-5250.NASL", "CLAMAV_0_100_1.NASL", "DEBIAN_DLA-1194.NASL", "DEBIAN_DLA-2972.NASL", "DEBIAN_DLA-3012.NASL", "DEBIAN_DSA-5142.NASL", "EULEROS_SA-2018-1088.NASL", "EULEROS_SA-2018-1089.NASL", "EULEROS_SA-2018-1156.NASL", "EULEROS_SA-2018-1257.NASL", "EULEROS_SA-2018-1258.NASL", "EULEROS_SA-2022-1901.NASL", "EULEROS_SA-2022-1938.NASL", "EULEROS_SA-2022-1972.NASL", "EULEROS_SA-2022-2002.NASL", "EULEROS_SA-2022-2093.NASL", "EULEROS_SA-2022-2113.NASL", "EULEROS_SA-2022-2137.NASL", "EULEROS_SA-2022-2162.NASL", "EULEROS_SA-2022-2354.NASL", "EULEROS_SA-2022-2390.NASL", "EULEROS_SA-2022-2517.NASL", "EULEROS_SA-2022-2572.NASL", "EULEROS_SA-2022-2622.NASL", "FREEBSD_PKG_D1E9D8C5839B11E896109C5C8E75236A.NASL", "GENTOO_GLSA-202210-03.NASL", "NESSUS_TNS-2022-20.NASL", "NESSUS_TNS-2022-26.NASL", "NEWSTART_CGSL_NS-SA-2022-0104_LIBXML2.NASL", "ORACLELINUX_ELSA-2022-5250.NASL", "ORACLELINUX_ELSA-2022-5317.NASL", "ORACLE_HTTP_SERVER_CPU_JAN_2023.NASL", "REDHAT-RHSA-2022-5250.NASL", "REDHAT-RHSA-2022-5317.NASL", "SLACKWARE_SSA_2022-122-01.NASL", "SUSE_SU-2018-0395-1.NASL", "SUSE_SU-2022-1750-1.NASL", "SUSE_SU-2022-2552-1.NASL", "UBUNTU_USN-3504-1.NASL", "UBUNTU_USN-5422-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813437", "OPENVAS:1361412562310843696", "OPENVAS:1361412562310843738", "OPENVAS:1361412562311220181088", "OPENVAS:1361412562311220181089", "OPENVAS:1361412562311220181156", "OPENVAS:1361412562311220181257", "OPENVAS:1361412562311220181258"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2023", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-5250", "ELSA-2022-5317"]}, {"type": "osv", "idList": ["OSV:CVE-2022-29824", "OSV:DLA-1194-1", "OSV:DLA-2972-1", "OSV:DLA-3012-1", "OSV:DSA-5142-1", "OSV:GHSA-CGX6-HPWQ-FHV5"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:167345", "PACKETSTORM:169825"]}, {"type": "photon", "idList": ["PHSA-2022-0198", "PHSA-2022-0399", "PHSA-2022-0411", "PHSA-2022-0479", "PHSA-2022-3.0-0399", "PHSA-2022-3.0-0411", "PHSA-2022-4.0-0198"]}, {"type": "redhat", "idList": ["RHSA-2022:5069", "RHSA-2022:5070", "RHSA-2022:5250", "RHSA-2022:5317", "RHSA-2022:5531", "RHSA-2022:5556", "RHSA-2022:5673", "RHSA-2022:5699", "RHSA-2022:5704", "RHSA-2022:5840", "RHSA-2022:5908", "RHSA-2022:5909", "RHSA-2022:6024", "RHSA-2022:6040", "RHSA-2022:6156", "RHSA-2022:6271", "RHSA-2022:6290", "RHSA-2022:6346", "RHSA-2022:6348", "RHSA-2022:6429", "RHSA-2022:6430", "RHSA-2022:6526", "RHSA-2022:6696", "RHSA-2022:8841"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-16932", "RH:CVE-2022-29824"]}, {"type": "rocky", "idList": ["RLSA-2022:5250", "RLSA-2022:5317"]}, {"type": "slackware", "idList": ["SSA-2022-122-01"]}, {"type": "suse", "idList": ["SUSE-SU-2022:1750-1", "SUSE-SU-2022:2552-1"]}, {"type": "ubuntu", "idList": ["USN-3504-1", "USN-3504-2", "USN-3739-1", "USN-5422-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2017-16932", "UB:CVE-2022-29824"]}, {"type": "veracode", "idList": ["VERACODE:35093", "VERACODE:35379"]}, {"type": "zdt", "idList": ["1337DAY-ID-37760", "1337DAY-ID-38064"]}]}, "epss": [{"cve": "CVE-2017-16932", "epss": "0.015680000", "percentile": "0.852240000", "modified": "2023-03-19"}, {"cve": "CVE-2022-29824", "epss": "0.000760000", "percentile": "0.306350000", "modified": "2023-03-19"}], "vulnersScore": 0.3}, "_state": {"dependencies": 1678476053, "score": 1678476488, "epss": 1679298256}, "_internal": {"score_hash": "5248f9782620d6023f8bd25dc8c03263"}, "pluginID": "161498", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:1833-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161498);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\"CVE-2017-16932\", \"CVE-2022-29824\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:1833-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : libxml2 (SUSE-SU-2022:1833-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:1833-1 advisory.\n\n - parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.\n (CVE-2017-16932)\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1069689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199132\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-May/011148.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?168bc211\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-16932\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-29824\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-16932\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libxml2-2-2.9.4-46.54.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3', 'sles-bcl-release-12.3']},\n {'reference':'libxml2-2-32bit-2.9.4-46.54.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3', 'sles-bcl-release-12.3']},\n {'reference':'libxml2-doc-2.9.4-46.54.3', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3', 'sles-bcl-release-12.3']},\n {'reference':'libxml2-tools-2.9.4-46.54.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3', 'sles-bcl-release-12.3']},\n {'reference':'python-libxml2-2.9.4-46.54.3', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.3', 'sles-bcl-release-12.3']},\n {'reference':'libxml2-2-2.9.4-46.54.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libxml2-2-32bit-2.9.4-46.54.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libxml2-doc-2.9.4-46.54.3', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libxml2-tools-2.9.4-46.54.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'python-libxml2-2.9.4-46.54.3', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libxml2-2-2.9.4-46.54.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'libxml2-2-32bit-2.9.4-46.54.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'libxml2-devel-2.9.4-46.54.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'libxml2-doc-2.9.4-46.54.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'libxml2-tools-2.9.4-46.54.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'python-libxml2-2.9.4-46.54.3', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'libxml2-2-2.9.4-46.54.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'libxml2-2-32bit-2.9.4-46.54.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'libxml2-doc-2.9.4-46.54.3', 'sp':'2', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'libxml2-tools-2.9.4-46.54.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'python-libxml2-2.9.4-46.54.3', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.2']},\n {'reference':'libxml2-2-2.9.4-46.54.3', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libxml2-2-32bit-2.9.4-46.54.3', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libxml2-doc-2.9.4-46.54.3', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libxml2-tools-2.9.4-46.54.3', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'python-libxml2-2.9.4-46.54.3', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.3']},\n {'reference':'libxml2-2-2.9.4-46.54.3', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libxml2-2-32bit-2.9.4-46.54.3', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libxml2-doc-2.9.4-46.54.3', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libxml2-tools-2.9.4-46.54.3', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'python-libxml2-2.9.4-46.54.3', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2-2 / libxml2-2-32bit / libxml2-devel / libxml2-doc / etc');\n}\n", "naslFamily": "SuSE Local Security Checks", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2-2", "p-cpe:/a:novell:suse_linux:libxml2-2-32bit", "p-cpe:/a:novell:suse_linux:libxml2-devel", "p-cpe:/a:novell:suse_linux:libxml2-doc", "p-cpe:/a:novell:suse_linux:libxml2-tools", "p-cpe:/a:novell:suse_linux:python-libxml2", "cpe:/o:novell:suse_linux:12"], "solution": "Update the affected packages.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2017-16932", "vendor_cvss2": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "vendor_cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "vpr": {"risk factor": "Medium", "score": "5.1"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2022-05-24T00:00:00", "vulnerabilityPublicationDate": "2017-11-23T00:00:00", "exploitableWith": []}

{"ibm": [{"lastseen": "2023-02-21T21:51:30", "description": "## Summary\n\nA vulnerability has been identified in libxml2 that is embedded in FSM. This bulletin addresses that issue.\n\n## Vulnerability Details\n\n \n**CVEID:** [_CVE-2017-16932_](<https://vulners.com/cve/CVE-2017-16932>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/135489_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135489>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n## Affected Products and Versions\n\n \nFlex System Manager 1.3.4.2 \nFlex System Manager 1.3.4.1 \nFlex System Manager 1.3.4.0 \nFlex System Manager 1.3.3.2 \nFlex System Manager 1.3.3.1 \nFlex System Manager 1.3.3.0 \nFlex System Manager 1.3.2.3 \nFlex System Manager 1.3.2.2 \nFlex System Manager 1.3.2.1 \nFlex System Manager 1.3.2.0\n\n## Remediation/Fixes\n\nIBM recommends updating the FSM and all affected remote Common Agent Services (CAS) endpoints using the instructions referenced in this table. \n \n \n\n\nProduct| VRMF| Remediation \n---|---|--- \nFlex System Manager| 1.3.4.0 \n1.3.4.1 \n1.3.4.2| Navigate to the [_Support Portal_](<https://www.ibm.com/support/entry/portal/support/>)_ _and search for technote [847550927](<http://www-01.ibm.com/support/docview.wss?uid=nas769be7782d8bdfd878625825700552750>) for instructions on installing updates for FSM version 1.3.4 and Agents. \nFlex System Manager| 1.3.3.0 \n1.3.3.1 \n1.3.3.2| Navigate to the [_Support Portal_](<https://www.ibm.com/support/entry/portal/support/>)_ _and search for technote [847550927](<http://www-01.ibm.com/support/docview.wss?uid=nas769be7782d8bdfd878625825700552750>) for instructions on installing updates for FSM version 1.3.3 and Agents. \nFlex System Manager| 1.3.2.0 \n1.3.2.1 \n1.3.2.2 \n1.3.2.3| Navigate to the [_Support Portal_](<https://www.ibm.com/support/entry/portal/support/>)_ _and search for technote [847550927](<http://www-01.ibm.com/support/docview.wss?uid=nas769be7782d8bdfd878625825700552750>) for instructions on installing updates for FSM version 1.3.2 and Agents. \n \nFor all other VRMF IBM recommends upgrading to a fixed, supported version/release of the product. \n \nNote: Installation of the fixes provided in the technote will install a cumulative fix package that will update the version of the FSM. Reference the technote for more details. \n \n\n\nYou should verify applying this fix does not cause any compatibility issues. The fix may disable older encrypted protocols by default.\n\nIBM recommends that you review your entire environment to identify other areas where you have enabled weak encryption and take appropriate mitigation and remediation actions.\n\nFor a complete listing of FSM security iFixes go to this technote: [http://www-01.ibm.com/support/docview.wss?uid=nas7797054ebc3d9857486258027006ce4a0&myns=purflex&mync=E&cm_sp=purflex-_-NULL-_-E](<http://www-01.ibm.com/support/docview.wss?uid=nas7797054ebc3d9857486258027006ce4a0&myns=purflex&mync=E&cm_sp=purflex-_-NULL-_-E>)\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-06-18T01:42:30", "type": "ibm", "title": "Security Bulletin: A vulnerability in libxml2 affects IBM Flex System Manager (FSM) (CVE-2017-16932)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2018-06-18T01:42:30", "id": "EDA97EBBBEA29BD927C5821F3DA34F8BBC9B79F096B723860103434EBF1FD979", "href": "https://www.ibm.com/support/pages/node/664629", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-23T21:50:00", "description": "## Summary\n\nIBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems has addressed the following vulnerability in libxml2.\n\n## Vulnerability Details\n\n**Summary**\n\nIBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems has addressed the following vulnerability in libxml2.\n\n**Vulnerability Details**\n\n**CVEID:** [CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>)\n\n**Description:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system.\n\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**Affected Products and Versions**\n\nProduct | Version \n---|--- \nIBM Integrated Management Module II (IMM2) for System x and Flex Systems | 1AOO \nIBM Integrated Management Module II (IMM2) for BladeCenter Systems | 1AOO \n \n**Remediation/Fixes**\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nProduct | Fixed Version \n---|--- \nIBM Integrated Management Module II (IMM2) for System x and Flex Systems \n(ibm_fw_imm2_1aoo82e-6.60_anyos_noarch) | 1AOO82E-6.60 \nIBM Integrated Management Module II (IMM2) for BladeCenter Systems \n(ibm_fw_imm2_1aoo82e-6.60-bc_anyos_noarch) | 1AOO82E-6.60-bc \n \n**Workarounds and Mitigations**\n\nNone.\n\n**References**\n\n * [Complete CVSS V3 Guide](<http://www.first.org/cvss/user-guide>)\n * [On-line Calculator V3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n**Acknowledgement**\n\nNone.\n\n**Change History** \n22 March, 2018: Original Version Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2019-01-31T02:40:01", "type": "ibm", "title": "Security Bulletin: Vulnerability in libxml2 affects IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems (CVE-2017-16932)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2019-01-31T02:40:01", "id": "2B30B05D895F5EAB2757C70EC42922909454320880E9FB137EE4C5D446813B18", "href": "https://www.ibm.com/support/pages/node/868944", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T21:35:56", "description": "## Summary\n\nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNOME libxml2, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) (CVE-2022-29824). GNOME libxml2 is used as part of the base image included in our service components. Please read the details for remediation below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 4.0.0 - 4.5.4 \n \n \n\n\n## Remediation/Fixes\n\nIBM strongly recommends addressing the vulnerability now by upgrading. \n\n**Product(s)**| **Version(s) \n**| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| [**4.6**](<https://www.ibm.com/docs/en/cloud-paks/cp-data>)| **[The fix in 4.6 applies to all versions listed (4.0.0-4.5.4). Version 4.6 can be downloaded and installed from: ](<https://www.ibm.com/docs/en/cloud-paks/cp-data>) \n<https://www.ibm.com/docs/en/cloud-paks/cp-data> \n** \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-12T21:59:00", "type": "ibm", "title": "Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNOME libxml2 (CVE-2022-29824)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-01-12T21:59:00", "id": "80AAF4A30BE5F1921DC1F8A0F5E3FCE4216BB1E2506D45A0C54426AE990BED7B", "href": "https://www.ibm.com/support/pages/node/6843885", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T21:38:49", "description": "## Summary\n\nGNOME libxml2 is not used directly by IBM App Connect Enterprise Certified Container but is present in the operand images as part of the base operating system. Use of libxml2 within IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution and loss of confidentiality. This bulletin provides patch information to address the reported vulnerabilities CVE-2022-29824 in libxml2.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nApp Connect Enterprise Certified Container| 4.1 \nApp Connect Enterprise Certified Container| 4.2 \nApp Connect Enterprise Certified Container| 5.0-lts \n \n\n\n## Remediation/Fixes\n\n**App Connect Enterprise Certified Container 4.1, 4.2 and 5.0 (Continuous Delivery)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.1.0 or higher, and ensure that all components are at 12.0.5.0-r2 or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect/containers_cd?topic=releases-upgrading-operator>\n\n**App Connect Enterprise Certified Container 5.0 LTS (Long Term Support)**\n\nUpgrade to App Connect Enterprise Certified Container Operator version 5.0.1 or higher, and ensure that all DesignerAuthoring and IntegrationServer components are at 12.0.6.0-r1-lts or higher. Documentation on the upgrade process is available at <https://www.ibm.com/docs/en/app-connect-contlts?topic=releases-upgrading-operator>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-07T10:54:43", "type": "ibm", "title": "Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to CVE-2022-29824", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-11-07T10:54:43", "id": "75C113431E513074D4D209CC5AC455FE9F61680A636C3E65E4D9B0CCFE8418FE", "href": "https://www.ibm.com/support/pages/node/6837583", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-28T01:37:11", "description": "## Summary\n\nUPDATED Dec 12 2022 (Added iFixes for AIX 7.2 TL5 SP5 and VIOS 3.1.4.10): A vulnerability in libxml2 could allow a remote attacker to cause a denial of service (CVE-2022-29824). AIX uses libxml2 as part of its XML parsing functions.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nAIX| 7.2 \nAIX| 7.3 \nVIOS| 3.1 \n \nThe following fileset levels are vulnerable:\n\nFileset| Lower Level| Upper Level \n---|---|--- \nbos.rte.control| 7.2.4.0| 7.2.4.5 \nbos.rte.control| 7.2.5.0| 7.2.5.4 \nbos.rte.control| 7.2.5.100| 7.2.5.101 \nbos.rte.control| 7.2.5.200| 7.2.5.200 \nbos.rte.control| 7.3.0.0| 7.3.0.1 \n \nTo find out whether the affected filesets are installed on your systems, refer to the lslpp command found in AIX user's guide.\n\nExample: lslpp -L | grep -i bos.rte.control\n\n## Remediation/Fixes\n\n**A. APARS**\n\nIBM has assigned the following APARs to this problem:\n\nAIX Level| APAR| SP \n---|---|--- \n7.2.4| IJ42381| N/A \n7.2.5| IJ42339| SP06 \n7.3.0| IJ42341| SP04 \n \nVIOS Level| APAR| SP \n---|---|--- \n3.1.1| IJ42381| N/A \n3.1.2| IJ42378| 3.1.2.60 \n3.1.3| IJ42379| 3.1.3.40 \n3.1.4| IJ42339| 3.1.4.20 \n \nSubscribe to the APARs here:\n\n<https://www.ibm.com/support/pages/apar/IJ42339>\n\n<https://www.ibm.com/support/pages/apar/IJ42341>\n\n<https://www.ibm.com/support/pages/apar/IJ42378>\n\n<https://www.ibm.com/support/pages/apar/IJ42379>\n\n<https://www.ibm.com/support/pages/apar/IJ42381>\n\nBy subscribing, you will receive periodic email alerting you to the status of the APAR, and a link to download the fix once it becomes available.\n\n**B. FIXES**\n\nIBM strongly recommends addressing the vulnerability now.\n\nAIX and VIOS fixes are available.\n\nThe AIX and VIOS fixes can be downloaded via ftp or http from:\n\nftp://aix.software.ibm.com/aix/efixes/security/libxml2_fix3.tar\n\n<http://aix.software.ibm.com/aix/efixes/security/libxml2_fix3.tar>\n\n<https://aix.software.ibm.com/aix/efixes/security/libxml2_fix3.tar>\n\nThe link above is to a tar file containing this signed advisory, fix packages, and OpenSSL signatures for each package. The fixes below include prerequisite checking. This will enforce the correct mapping between the fixes and AIX Technology Levels.\n\nAIX Level| Interim Fix \n---|--- \n7.2.4.4| IJ42381s6a.220909.epkg.Z \n7.2.4.5| IJ42381s6a.220909.epkg.Z \n7.2.4.6| IJ42381s6a.220909.epkg.Z \n7.2.5.2| IJ42339s2a.220909.epkg.Z \n7.2.5.3| IJ42339s4a.220907.epkg.Z \n7.2.5.4| IJ42339s4a.220907.epkg.Z \n7.2.5.5| IJ42339s5a.221212.epkg.Z \n7.3.0.1| IJ42341s2a.220907.epkg.Z \n7.3.0.2| IJ42341s2a.220907.epkg.Z \n \nPlease note that the above table refers to AIX TL/SP level as opposed to fileset level, i.e., 7.2.5.2 is AIX 7200-05-02.\n\nPlease reference the Affected Products and Version section above for help with checking installed fileset levels.\n\nVIOS Level| Interim Fix \n---|--- \n3.1.1.40| IJ42381s6a.220909.epkg.Z \n3.1.1.50| IJ42381s6a.220909.epkg.Z \n3.1.1.60| IJ42381s6a.220909.epkg.Z \n3.1.2.21| IJ42378s2a.220909.epkg.Z \n3.1.2.30| IJ42378s2a.221010.epkg.Z \n3.1.2.40| IJ42378s2a.221010.epkg.Z \n3.1.3.10| IJ42379s4a.220909.epkg.Z \n3.1.3.14| IJ42379s4a.220909.epkg.Z \n3.1.3.21| IJ42379s4a.220909.epkg.Z \n3.1.4.10| IJ42339s5a.221212.epkg.Z \n \nTo extract the fixes from the tar file:\n\ntar xvf libxml2_fix3.tar\n\ncd libxml2_fix3\n\nVerify you have retrieved the fixes intact:\n\nThe checksums below were generated using the \"openssl dgst -sha256 [filename]\" command as the following:\n\nopenssl dgst -sha256| filename \n---|--- \nf6d71f263ee414469dde9e6c3325fbc56031d3098ee8831f330e90c9e6b4dd9a| IJ42339s2a.220909.epkg.Z \n062b34620bc669451695f0de09580aef6e16f36f6430654dee5c403d23bc2fcc| IJ42339s4a.220907.epkg.Z \n6a76b4c66b2ff7022b6a00eb2348b4c930af7293692631367f08e4bc65a753df| IJ42339s5a.221212.epkg.Z \n562b5f19d4db9e4c8835fd92f2e65038c2d765f0ff5e3ef40bad2d9110403a26| IJ42341s2a.220907.epkg.Z \nf5ec81e718eef7d02adfb85a70f626073f684b93d72173212ba5675fe1eff001| IJ42378s2a.220909.epkg.Z \n6d32716245fee8bc45fb961754eb53aaabc8630eb1e999c1e67cee237cc058cd| IJ42378s2a.221010.epkg.Z \ne00696e638622f82a2264b994fff9415b55c323a271da4c4bb84626046aa031c| IJ42379s4a.220909.epkg.Z \nf03c422e62ea819fa2dfc56342a16da80d20df4444667c6fae97ae95c1c2f6dd| IJ42381s6a.220909.epkg.Z \n \nThese sums should match exactly. The OpenSSL signatures in the tar file and on this advisory can also be used to verify the integrity of the fixes. If the sums or signatures cannot be confirmed, contact IBM Support at <http://ibm.com/support/> and describe the discrepancy. \n\nopenssl dgst -sha256 -verify [pubkey_file] -signature [advisory_file].sig [advisory_file]\n\nopenssl dgst -sha256 -verify [pubkey_file] -signature [ifix_file].sig [ifix_file]\n\nPublished advisory OpenSSL signature file location:\n\n<http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory3.asc.sig>\n\n<https://aix.software.ibm.com/aix/efixes/security/libxml2_advisory3.asc.sig>\n\nftp://aix.software.ibm.com/aix/efixes/security/libxml2_advisory3.asc.sig\n\n**C. FIX AND INTERIM FIX INSTALLATION**\n\nIf possible, it is recommended that a mksysb backup of the system be created. Verify it is both bootable and readable before proceeding.\n\nTo preview a fix installation:\n\ninstallp -a -d fix_name -p all # where fix_name is the name of the\n\n# fix package being previewed.\n\nTo install a fix package:\n\ninstallp -a -d fix_name -X all # where fix_name is the name of the\n\n# fix package being installed.\n\nInterim fixes have had limited functional and regression testing but not the full regression testing that takes place for Service Packs; however, IBM does fully support them.\n\nInterim fix management documentation can be found at:\n\n<http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html>\n\nTo preview an interim fix installation:\n\nemgr -e ipkg_name -p # where ipkg_name is the name of the\n\n# interim fix package being previewed.\n\nTo install an interim fix package:\n\nemgr -e ipkg_name -X # where ipkg_name is the name of the\n\n# interim fix package being installed.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-12-12T19:04:25", "type": "ibm", "title": "Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2022-29824)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-12-12T19:04:25", "id": "6E896C3EA4E119BB94E79619FA7DDA4DD85C924131CFD25FA41D57AE7BF850C4", "href": "https://www.ibm.com/support/pages/node/6619729", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-21T05:53:02", "description": "## Summary\n\nVulnerabilities have been addressed in the Libxml2 component of IBM InfoSphere Identity Insight. \n\n## Vulnerability Details\n\n**CVEID:** CVE-2017-16932 \n**DESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n**CVEID:** CVE-2017-16931 \n**DESCRIPTION:** Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135488> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\nIBM InfoSphere Identity Insight 9.0.x\n\n## Remediation/Fixes\n\n \n\n\n**Principal Product and Version(s)**| **Affected Supporting Product and Version**| **Fix Central Download Link** \n---|---|--- \nIBM InfoSphere Identity Insight 9.0.x| libxml2| \n\n * AIX: [isii_9.0.0.1_ifix001_aix71_p7](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/InfoSphere+Identity+Insight&release=9.0.0.1&platform=AIX&function=all>)\n * Linux 64-bit, x86_64: [isii_9.0.0.1_ifix001_linux_x64](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/InfoSphere+Identity+Insight&release=9.0.0.1&platform=Linux+64-bit,x86_64&function=all>)\n * Linux 64-bit, pSeries: [isii_9.0.0.1_ifix001_linux_pwr8](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/InfoSphere+Identity+Insight&release=9.0.0.1&platform=Linux+64-bit,pSeries&function=all>)\n * Windows 64-bit: [isii_9.0.0.1_ifix001_win_x64](<https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm%7EInformation%20Management&product=ibm/Information+Management/InfoSphere+Identity+Insight&release=9.0.0.1&platform=Windows+64-bit,+x86&function=all>) \n \n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-16T14:20:03", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM InfoSphere Identity Insight.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16931", "CVE-2017-16932"], "modified": "2018-06-16T14:20:03", "id": "5F9F98B63CFA9F3BAFF7D46D1027876C47FA88574428F66B0F6A8E0196B8F39D", "href": "https://www.ibm.com/support/pages/node/570251", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-23T21:50:01", "description": "## Summary\n\nIntel\u00ae Manycore Platform Software Stack (Intel\u00ae MPSS) for Linux and Windows have addressed the following vulnerabilities in libxml2.\n\n## Vulnerability Details\n\n**Summary**\n\nIntel\u00ae Manycore Platform Software Stack (Intel\u00ae MPSS) for Linux and Windows have addressed the following vulnerabilities in libxml2.\n\n**Vulnerability Details**\n\n**CVEID:** [CVE-2017-16931](<https://vulners.com/cve/CVE-2017-16931>)\n\n**Description:** Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system.\n\nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135488> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>)\n\n**Description:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system.\n\nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**Affected Products and Versions**\n\nThe following products used with Intel Xeon Phi PCI-Express cards (Intel Xeon Phi 3120A, Intel Xeon Phi 5110P, Intel Xeon Phi 7120A, and Intel Xeon Phi 7210P) on the System x systems:\n\n * iDataPlex dx360 M4\n * NeXtScale nx360 M4\n * PureFlex x220 M4 / x240 M4 / x240 M5\n * x3850 X6 / x3950 X6\nProduct | Affected Version \n---|--- \nIntel\u00ae Manycore Platform Software Stack (MPSS) for Linux & Windows | 3.8 \n \n**Remediation/Fixes**\n\nIBM recommends that you update the affected versions of Intel MPSS that are used with the Intel Xeon Phi cards supported in IBM System x Servers to MPSS version 3.8.4 or later.\n\nInstructions on how to download and apply the update are available at:\n\n[ https://software.intel.com/en-us/articles/intel-manycore-platform-software-stack-mpss](<https://software.intel.com/en-us/articles/intel-manycore-platform-software-stack-mpss>)\n\nProduct | Fix Version \n---|--- \nIntel\u00ae Manycore Platform Software Stack (MPSS) for Linux & Windows | 3.8.4 \n \n**Workaround(s) & Mitigation(s)**\n\nNone\n\n**References**\n\n * [Complete CVSS v3 Guide](<http://www.first.org/cvss/user-guide.html>)\n * [On-line Calculator v3](<http://www.first.org/cvss/calculator/3.0>)\n\n**Related Information** \n[IBM Secure Engineering Web Portal](<http://www.ibm.com/security/secure-engineering/bulletins.html>) \n[IBM Product Security Incident Response Blog](<https://www.ibm.com/blogs/psirt/>) \n[Lenovo Product Security Advisories](<https://support.lenovo.com/us/en/product_security/home>)\n\n**Acknowledgement**\n\nNone\n\n**Change History** \n15 May 2018: Original Copy Published\n\n* The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.\n\n**Disclaimer**\n\nAccording to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-31T02:40:01", "type": "ibm", "title": "Security Bulletin: Vulnerabilities in libxml2 affect Intel\u00ae Manycore Platform Software Stack (Intel\u00ae MPSS) for Linux and Windows (CVE-2017-16931, CVE-2017-16932)", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16931", "CVE-2017-16932"], "modified": "2019-01-31T02:40:01", "id": "F464CD623938E5ED5C85F50E078DBCBF19517CD5B7572A8280ED5A806C4AB47B", "href": "https://www.ibm.com/support/pages/node/868956", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:50:02", "description": "## Summary\n\nVulnerabilities in libxml2 have been addressed by IBM Flex System switch firmware products listed below. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-5130](<https://vulners.com/cve/CVE-2017-5130>) \n**DESCRIPTION:** Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133570> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>) \n**DESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-15412](<https://vulners.com/cve/CVE-2017-15412>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libXML. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136046> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-5131](<https://vulners.com/cve/CVE-2016-5131>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libxml. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115396> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n**Product **\n\n| \n\n**Affected Version ** \n \n---|--- \nIBM Flex System Fabric EN4093R 10Gb Scalable Switch firmware | \n\n7.8 \n \nIBM Flex System EN2092 1Gb Ethernet Scalable firmware\n\n| \n\n7.8 \n \nIBM Flex System Fabric GbFSIM 10Gb Scalable Switch firmware\n\n| \n\n7.8 \n \nIBM Flex System CN4093 10Gb ScSE firmware\n\n| \n\n7.8 \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\n**Product **\n\n| \n\n**Fix Version ** \n \n---|--- \n \nIBM Flex System Fabric EN4093R 10Gb Scalable Switch firmware \n(ibm_fw_scsw_en4093r-7.8.20.0_anyos_noarch)\n\n| \n\n7.8.20.00 \n \nIBM Flex System EN2092 1Gb Ethernet Scalable firmware \n(ibm_fw_scsw_en2092-7.8.20.0_anyos_noarch)\n\n| \n\n7.8.20.00 \n \nIBM Flex System Fabric GbFSIM 10Gb Scalable Switch firmware \n(ibm_fw_scsw_si4093-7.8.20.0_anyos_noarch )\n\n| \n\n7.8.20.00 \n \nIBM Flex System CN4093 10Gb ScSE firmware \n(ibm_fw_scsw_cn4093-7.8.20.0_anyos_noarch)\n\n| \n\n7.8.20.00 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-07-12T18:58:53", "type": "ibm", "title": "Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in libxml2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5131", "CVE-2017-15412", "CVE-2017-16932", "CVE-2017-5130"], "modified": "2018-07-12T18:58:53", "id": "8AF09D39919DFCEDA59D30328E778381C2630CD9C097879DBB5204834A432A43", "href": "https://www.ibm.com/support/pages/node/713477", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-13T05:36:19", "description": "## Summary\n\nVulnerabilities in libxml2 have been addressed by IBM RackSwitch firmware products listed below. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-5130](<https://vulners.com/cve/CVE-2017-5130>) \n**DESCRIPTION:** Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133570> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>) \n**DESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-15412](<https://vulners.com/cve/CVE-2017-15412>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libXML. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136046> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-5131](<https://vulners.com/cve/CVE-2016-5131>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libxml. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115396> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n**Product **\n\n| \n\n**Affected Version ** \n \n---|--- \n \nIBM RackSwitch G8052 \n\n| \n\n7.9 \n \nIBM RackSwitch G8052\n\n| \n\n7.11 \n \nIBM RackSwitch G8124/G8124E\n\n| \n\n7.9 \n \nIBM RackSwitch G8124/G8124E\n\n| \n\n7.11 \n \nIBM RackSwitch G8264\n\n| \n\n7.9 \n \nIBM RackSwitch G8264\n\n| \n\n7.11 \n \nIBM RackSwitch G8264CS\n\n| \n\n7.8 \n \nIBM RackSwitch G8264T\n\n| \n\n7.9 \n \nIBM RackSwitch G8316\n\n| \n\n7.9 \n \nIBM RackSwitch G8332\n\n| \n\n7.7 \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: [http://www.ibm.com/support/fixcentral/](<http://www.ibm.com/support/fixcentral/>)\n\n**Product **\n\n| \n\n**Fix Version ** \n \n---|--- \n \nIBM RackSwitch G8052 (G8052_Image_7.9.22.0)\n\n| \n\n7.9.22.0 \n \nIBM RackSwitch G8052 \n(G8052_Image_7.11.12.0)\n\n| \n\n7.11.12.0 \n \nIBM RackSwitch G8124/G8124E \n(G8124_G8124E_Image_7.9.22.0)\n\n| \n\n7.9.22.0 \n \nIBM RackSwitch G8124/G8124E \n(G8124_G8124E_Image_7.11.12.0)\n\n| \n\n7.11.12.0 \n \nIBM RackSwitch G8264 \n(G8264_Image_7.9.22.0)\n\n| \n\n7.9.22.0 \n \nIBM RackSwitch G8264 \n(G8264_Image_7.11.12.0)\n\n| \n\n7.11.12.0 \n \nIBM RackSwitch G8264CS \n(G8264CS_Image_7.8.20.0)\n\n| \n\n7.8.20.0 \n \nIBM RackSwitch G8264T \n(G8264T_Image_7.9.22.0)\n\n| \n\n7.9.22.0 \n \nIBM RackSwitch G8316 \n(G8316_Image_7.9.22.0)\n\n| \n\n7.9.22.0 \n \nIBM RackSwitch G8332 \n(G8332_Image_7.7.28.0)\n\n| \n\n7.7.28.0 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-07-13T17:44:33", "type": "ibm", "title": "Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in libxml2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5131", "CVE-2017-15412", "CVE-2017-16932", "CVE-2017-5130"], "modified": "2018-07-13T17:44:33", "id": "E228AE26D557AC2FB8C5AF13926D0970F3BAC5922DC3700312E52FD8E2BD1B47", "href": "https://www.ibm.com/support/pages/node/715799", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:49:29", "description": "## Summary\n\nIBM BladeCenter Advanced Management Module (AMM) has addressed the following vulnerabilities in libxml2.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-5130](<https://vulners.com/cve/CVE-2017-5130>) \n**DESCRIPTION:** Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133570> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>) \n**DESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-15412](<https://vulners.com/cve/CVE-2017-15412>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libXML. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136046> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-5131](<https://vulners.com/cve/CVE-2016-5131>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libxml. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115396> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n**Product **\n\n| \n\n**Affected Version ** \n \n---|--- \n \nIBM BladeCenter Advanced Management Module (AMM)\n\n| \n\nBPET \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: [http://www.ibm.com/support/fixcentral/](<http://www.ibm.com/support/fixcentral/>)\n\n**Product **\n\n| \n\n**Fix Version ** \n \n---|--- \n \nIBM BladeCenter Advanced Management Module (AMM) \n(ibm_fw_amm_bpet68j-3.68j_anyos_noarch)\n\n| \n\nbpet68j-3.68j \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-07-30T22:32:33", "type": "ibm", "title": "Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in libxml2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5131", "CVE-2017-15412", "CVE-2017-16932", "CVE-2017-5130"], "modified": "2018-07-30T22:32:33", "id": "734EC285934823350B857E9363520A0225A34B3997BFDBC90357A130A4A91E29", "href": "https://www.ibm.com/support/pages/node/719049", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T21:50:10", "description": "## Summary\n\nVulnerabilities in libxml2 have been addressed by IBM BladeCenter Virtual Fabric 10Gb Switch Module. \n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-5130](<https://vulners.com/cve/CVE-2017-5130>) \n**DESCRIPTION:** Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by libxml2. By persuading a victim to visit a specially-crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133570> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>) \n**DESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [CVE-2017-15412](<https://vulners.com/cve/CVE-2017-15412>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libXML. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136046> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-5131](<https://vulners.com/cve/CVE-2016-5131>) \n**DESCRIPTION:** Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in libxml. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/115396> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n**Product **\n\n| \n\n**Affected Version ** \n \n---|--- \n \nIBM BladeCenter Virtual Fabric 10Gb Switch Module\n\n| \n\n7.8 \n \n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\n**Product **\n\n| \n\n**Fix Version ** \n \n---|--- \n \nIBM BladeCenter Virtual Fabric 10Gb Switch Module \n(ibm_fw_bcsw_24-10g-7.8.15.0_anyos_noarch)\n\n| \n\n7.8.15.0 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2018-07-10T21:53:15", "type": "ibm", "title": "Security Bulletin: IBM BladeCenter Virtual Fabric 10Gb Switch Module is affected by vulnerabilites in libxml2", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5131", "CVE-2017-15412", "CVE-2017-16932", "CVE-2017-5130"], "modified": "2018-07-10T21:53:15", "id": "CC5F277D3ACAE3335BA730A0207062A84F97F8B011460F964107C4802703541B", "href": "https://www.ibm.com/support/pages/node/715837", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-21T01:52:18", "description": "## Summary\n\nVulnerabilities have been addressed in the Libxml2 component of IBM Cognos Metrics Manager. \n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-4658_](<https://vulners.com/cve/CVE-2016-4658>)** \nDESCRIPTION:** The libxml2 library, as used in multiple products, could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. An attacker could exploit this vulnerability using a specially crafted XML document to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117175_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117175>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n\n**CVEID:** [_CVE-2017-7375_](<https://vulners.com/cve/CVE-2017-7375>)** \nDESCRIPTION:** libxml2 could allow a remote attacker to obtain sensitive information, caused by missing validation for external entities in xmlParsePEReference. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/128275_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128275>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L)\n\n**CVEID:** [_CVE-2017-9050_](<https://vulners.com/cve/CVE-2017-9050>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictAddString function in dict.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126277_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126277>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-9049_](<https://vulners.com/cve/CVE-2017-9049>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictComputeFastKey function in dict.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126276_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126276>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-16932_](<https://vulners.com/cve/CVE-2017-16932>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/135489_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135489>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2017-16931_](<https://vulners.com/cve/CVE-2017-16931>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/135488_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135488>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n## Affected Products and Versions\n\n * * IBM Cognos Metrics Manager 10.2.2\n * IBM Cognos Metrics Manager 10.2.1\n * IBM Cognos Metrics Manager 10.2\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix as soon as practical. As the fix is in a shared component across the Business Intelligence portfolio, applying the BI Interim Fix will resolve the issue. Note that the prerequisites named in the links are also satisfied by an IBM Cognos Metrics Manager install of the same version. \n\n \n| Version| Interim Fix \n---|---|--- \nIBM Cognos Metrics Manager| 10.2.2| [IBM Cognos Business Intelligence 10.2.2 Interim Fix 17](<http://www-01.ibm.com/support/docview.wss?uid=swg24044320>) \nIBM Cognos Metrics Manager| 10.2.1| [IBM Cognos Business Intelligence 10.2.1 Interim Fix 22](<http://www-01.ibm.com/support/docview.wss?uid=swg24044320>) \nIBM Cognos Metrics Manager| 10.2| [IBM Cognos Business Intelligence 10.2 Interim Fix 25](<http://www-01.ibm.com/support/docview.wss?uid=swg24044320>) \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:49:47", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in Libxml2 affect IBM Cognos Metrics Manager.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2017-16931", "CVE-2017-16932", "CVE-2017-7375", "CVE-2017-9049", "CVE-2017-9050"], "modified": "2018-06-15T23:49:47", "id": "3F43444F946B02BFDB903A1AAF3D8C43D59EF40358F854CDC9829F77FF6F461E", "href": "https://www.ibm.com/support/pages/node/301567", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:52:25", "description": "## Summary\n\nIBM Cognos Business Intelligence uses Libxml2. Multiple vulnerabilites in Libxml2 have been addressed.\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-4658_](<https://vulners.com/cve/CVE-2016-4658>)** \nDESCRIPTION:** The libxml2 library, as used in multiple products, could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. An attacker could exploit this vulnerability using a specially crafted XML document to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117175_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117175>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n \n**CVEID:** [_CVE-2017-9050_](<https://vulners.com/cve/CVE-2017-9050>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictAddString function in dict.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126277_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126277>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2017-9049_](<https://vulners.com/cve/CVE-2017-9049>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictComputeFastKey function in dict.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126276_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126276>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-9048_](<https://vulners.com/cve/CVE-2017-9048>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking of the strlen(buf) size in the xmlSnprintfElementContent function in valid.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126275_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126275>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-9047_](<https://vulners.com/cve/CVE-2017-9047>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the xmlSnprintfElementContent function in valid.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126274_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126274>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-8872_](<https://vulners.com/cve/CVE-2017-8872>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by a a buffer-over-read flaw in the htmlParseTryOrFinish function in HTMLparser.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause a denial of service condition or obtain sensitive information on the system. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/125890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/125890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-7375_](<https://vulners.com/cve/CVE-2017-7375>)** \nDESCRIPTION:** libxml2 could allow a remote attacker to obtain sensitive information, caused by missing validation for external entities in xmlParsePEReference. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/128275_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128275>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L)\n\n**CVEID:** [_CVE-2017-5969_](<https://vulners.com/cve/CVE-2017-5969>)** \nDESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xmlSaveDoc functionality when used in recover mode. By persuading a victim to open a specially crafted XML document, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/128274_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128274>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2017-16932_](<https://vulners.com/cve/CVE-2017-16932>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/135489_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135489>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n**CVEID:** [_CVE-2017-16931_](<https://vulners.com/cve/CVE-2017-16931>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/135488_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135488>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n\n## Affected Products and Versions\n\n \nIBM Cognos Business Intelligence Server 10.2.2 \nIBM Cognos Business Intelligence Server 10.2.1.1 \nIBM Cognos Business Intelligence Server 10.2.1 \nIBM Cognos Business Intelligence Server 10.2.0\n\n## Remediation/Fixes\n\nThe recommended solution is to apply the fix for versions listed as soon as practical. \n \n[IBM Cognos Business Intelligence Server 10.2.2](<http://www-01.ibm.com/support/docview.wss?uid=swg24044320>) \n[IBM Cognos Business Intelligence Server 10.2.1.1](<http://www-01.ibm.com/support/docview.wss?uid=swg24044320>) \n[IBM Cognos Business Intelligence Server 10.2.1](<http://www-01.ibm.com/support/docview.wss?uid=swg24044320>) \n[IBM Cognos Business Intelligence Server 10.2.0](<http://www-01.ibm.com/support/docview.wss?uid=swg24044320>) \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:47:49", "type": "ibm", "title": "Security Bulletin: IBM Cognos Business Intelligence Server 2017Q4 Security Updater: IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2017-16931", "CVE-2017-16932", "CVE-2017-5969", "CVE-2017-7375", "CVE-2017-8872", "CVE-2017-9047", "CVE-2017-9048", "CVE-2017-9049", "CVE-2017-9050"], "modified": "2018-06-15T23:47:49", "id": "0DDFB99CB8C38EE3AD681E1DDB584ED5008E60962834E9D1EA19DCDBB6940E62", "href": "https://www.ibm.com/support/pages/node/295723", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T05:54:12", "description": "## Summary\n\nThis bulletin addresses several security vulnerabilities that are fixed in IBM Cognos Analytics 11.0.10.0. \n \nIBM Cognos Analytics uses the libxml2 library . Mulitple libxml2 vulnerabilities have been addressed. \n \nA vulnerablity was addressed whereby detailed technical error messages can allow an adversary to gain information about the application and database that could be used to conduct further attacks. \n \n\n\n## Vulnerability Details\n\n**CVEID:** [_CVE-2016-4658_](<https://vulners.com/cve/CVE-2016-4658>)** \nDESCRIPTION:** The libxml2 library, as used in multiple products, could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. An attacker could exploit this vulnerability using a specially crafted XML document to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 9.8 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/117175_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/117175>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n** \nCVEID:** [_CVE-2017-9050_](<https://vulners.com/cve/CVE-2017-9050>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictAddString function in dict.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126277_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126277>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n\n**CVEID:** [_CVE-2017-9049_](<https://vulners.com/cve/CVE-2017-9049>)** \nDESCRIPTION:** libxml2 is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the xmlDictComputeFastKey function in dict.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126276_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126276>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-9048_](<https://vulners.com/cve/CVE-2017-9048>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking of the strlen(buf) size in the xmlSnprintfElementContent function in valid.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause the application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126275_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126275>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-9047_](<https://vulners.com/cve/CVE-2017-9047>)** \nDESCRIPTION:** libxml2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the xmlSnprintfElementContent function in valid.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause application to crash. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/126274_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126274>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [_CVE-2017-8872_](<https://vulners.com/cve/CVE-2017-8872>)** \nDESCRIPTION:** libxml2 is vulnerable to a buffer overflow, caused by a a buffer-over-read flaw in the htmlParseTryOrFinish function in HTMLparser.c. By sending a specially-crafted request, a local attacker could overflow a buffer and cause a denial of service condition or obtain sensitive information on the system. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/125890_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/125890>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n**CVEID:** [_CVE-2017-7376_](<https://vulners.com/cve/CVE-2017-7376>)** \nDESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by the incorrect limit used when calculating the port value in xmlParse3986Port function. An attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base Score: 5.9 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/128276_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128276>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2017-7375_](<https://vulners.com/cve/CVE-2017-7375>)** \nDESCRIPTION:** libxml2 could allow a remote attacker to obtain sensitive information, caused by missing validation for external entities in xmlParsePEReference. By sending specially-crafted XML data, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. \nCVSS Base Score: 6.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/128275_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128275>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L)\n\n**CVEID:** [_CVE-2017-5969_](<https://vulners.com/cve/CVE-2017-5969>)** \nDESCRIPTION:** libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xmlSaveDoc functionality when used in recover mode. By persuading a victim to open a specially crafted XML document, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base Score: 5.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/128274_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128274>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)\n\n \n \n**CVEID:** [_CVE-2017-16932_](<https://vulners.com/cve/CVE-2017-16932>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/135489_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135489>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [_CVE-2017-16931_](<https://vulners.com/cve/CVE-2017-16931>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/135488_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135488>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n \n \n**CVEID:** [_CVE-2016-9711_](<https://vulners.com/cve/CVE-2016-9711>)** \nDESCRIPTION:** IBM Predictive Solutions Foundation (formerly PMQ) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See [_https://exchange.xforce.ibmcloud.com/vulnerabilities/119619_](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119619>) for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n\n## Affected Products and Versions\n\nIBM Cognos Analytics Versions 11.0.0.0 to 11.0.9.0\n\n## Remediation/Fixes\n\nThe recommended solution is to apply IBM Cognos Analytics 11.0.10.0 as soon as practical. \n \n[Downloading IBM Cognos Analytics 11.0.10.0](<http://www-01.ibm.com/support/docview.wss?uid=swg24044517>) \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-06-15T23:51:36", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in libxml2 affects IBM Cognos Analytics", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4658", "CVE-2016-9711", "CVE-2017-16931", "CVE-2017-16932", "CVE-2017-5969", "CVE-2017-7375", "CVE-2017-7376", "CVE-2017-8872", "CVE-2017-9047", "CVE-2017-9048", "CVE-2017-9049", "CVE-2017-9050"], "modified": "2018-06-15T23:51:36", "id": "1695654077F888DBA5D74372BE319A101D1D52DECCCA129B96319385DBC072A0", "href": "https://www.ibm.com/support/pages/node/567705", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-21T01:39:29", "description": "## Summary\n\nXMLsoft Libxml2 and OpenSSL are consumed by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n**CVEID:** [CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base Score: 7.5 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135489> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n\n**CVEID:** [CVE-2017-16931](<https://vulners.com/cve/CVE-2017-16931>)** \nDESCRIPTION:** Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base Score: 7.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135488> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1840](<https://vulners.com/cve/CVE-2016-1840>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113334> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1839](<https://vulners.com/cve/CVE-2016-1839>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113333> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1838](<https://vulners.com/cve/CVE-2016-1838>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113332> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1837](<https://vulners.com/cve/CVE-2016-1837>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113331> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1836](<https://vulners.com/cve/CVE-2016-1836>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113330> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1835](<https://vulners.com/cve/CVE-2016-1835>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113329> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1834](<https://vulners.com/cve/CVE-2016-1834>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113328> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1833](<https://vulners.com/cve/CVE-2016-1833>)** \nDESCRIPTION:** Apple Mac OS X and Apple IOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially crafted XML file, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/113327> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID:** [CVE-2016-1762](<https://vulners.com/cve/CVE-2016-1762>)** \nDESCRIPTION:** Apple Safari and Apple iOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error in libxml2. By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base Score: 6.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/111628> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)\n\n**CVEID: **[CVE-2017-3737](<https://vulners.com/cve/CVE-2017-3737>)** \nDESCRIPTION:** An unspecified vulnerability in multiple Oracle products could allow an unauthenticated attacker to cause low confidentiality impact, low integrity impact, and high availability impact. \nCVSS Base Score: 5.3 \nCVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136077> for the current score \nCVSS Environmental Score*: Undefined \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\n * IBM Netezza Analytics 1.2.4 - 3.3.1\n\n## Remediation/Fixes\n\nTo resolve the reported CVEs for IBM Netezza Analytics, please upgrade to the following version: \n\n_Product_| _VRMF_| _Remediation/First Fix_ \n---|---|--- \n_IBM Netezza Analytics_| _3.3.2_| [_Link to Fix Central_](<https://www.ibm.com/support/fixcentral/swg/selectFixes?product=ibm%2FInformation+Management%2FNetezza+Applications&release=ANALYTICS_3.3&platform=All&function=fixId&fixids=3.3.2.0-IM-Netezza-ANALYTICS-fp120659>) \n \n\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-18T03:10:29", "type": "ibm", "title": "Security Bulletin: Multiple vulnerabilities in XMLsoft Libxml2 and OpenSSL affect IBM Netezza Analytics", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-1762", "CVE-2016-1833", "CVE-2016-1834", "CVE-2016-1835", "CVE-2016-1836", "CVE-2016-1837", "CVE-2016-1838", "CVE-2016-1839", "CVE-2016-1840", "CVE-2017-16931", "CVE-2017-16932", "CVE-2017-3737"], "modified": "2019-10-18T03:10:29", "id": "E23B2B70071C87B4B30F175BDFB816A59FF7F9127F0905729A27B7EF44524CBC", "href": "https://www.ibm.com/support/pages/node/304225", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-27T21:33:05", "description": "## Summary\n\nThe product includes multiple vulnerable components (e.g., framework libraries) that may be identified and exploited with automated tools. IBM QRadar SIEM has addressed the applicable CVEs.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-1629](<https://vulners.com/cve/CVE-2022-1629>) \n** DESCRIPTION: **Vim is vulnerable to a buffer overflow, caused by buffer over-read in find_next_quote. By opening a specially-crafted file, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226323](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226323>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2022-1621](<https://vulners.com/cve/CVE-2022-1621>) \n** DESCRIPTION: **Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by vim_strncpy find_word. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226099](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226099>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H) \n \n** CVEID: **[CVE-2022-1897](<https://vulners.com/cve/CVE-2022-1897>) \n** DESCRIPTION: **Vim could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in function vim_regsub_both. By persuading a victim to run a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227525](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227525>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-1785](<https://vulners.com/cve/CVE-2022-1785>) \n** DESCRIPTION: **Vim could allow a local authenticated attacker to execute arbitrary code on the system, caused by an out-of-bounds write in function vim_regsub_both at regexp.c. By opening a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227016](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227016>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H) \n \n** CVEID: **[CVE-2022-1927](<https://vulners.com/cve/CVE-2022-1927>) \n** DESCRIPTION: **Vim could allow a remote attacker to execute arbitrary code on the system, caused by a buffer over-read in function utf_ptr2char. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227562](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227562>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-27774](<https://vulners.com/cve/CVE-2022-27774>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the \"same host check\" feature during a cross protocol redirects. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225294](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225294>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-22576](<https://vulners.com/cve/CVE-2022-22576>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by improper authentication validation when reuse OAUTH2-authenticated connections. By sending a specially-crafted request using user + \"other OAUTH2 bearer\", an attacker could exploit this vulnerability to bypass access authentication validation. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225291](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225291>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-27776](<https://vulners.com/cve/CVE-2022-27776>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw when asked to send custom headers or cookies in its HTTP requests. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain authentication or cookie header data information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225296](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225296>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-27775](<https://vulners.com/cve/CVE-2022-27775>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a logic error in the config matching function. By sending a specially-crafted request using IPv6, an attacker could exploit this vulnerability to cause libcurl to reuse the wrong connection to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225295](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225295>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-1586](<https://vulners.com/cve/CVE-2022-1586>) \n** DESCRIPTION: **PCRE2 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the compile_xclass_matchingpath() function in the pcre2_jit_compile.c file. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226863](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226863>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-25314](<https://vulners.com/cve/CVE-2022-25314>) \n** DESCRIPTION: **libexpat could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the copyString function. By sending an overly-long argument, an attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219946](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219946>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-40528](<https://vulners.com/cve/CVE-2021-40528>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to bypass security restrictions, caused by a flaw in the ElGamal implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a cross-configuration attack against OpenPGP. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM QRadar SIEM| 7.4.0 - 7.4.3 Fix Pack 7 \nIBM QRadar SIEM| 7.5.0 - 7.5.0 Update Pack 3 \n \n \n\n\n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. \n\nAffected Product(s)| Versions| Fix \n---|---|--- \nIBM QRadar SIEM| 7.4| [7.4.3 Fix Pack 8](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+Incident+Forensics&release=7.4.0&platform=Linux&function=fixId&fixids=7.4.3-QRADAR-QIFSFS-20230202163329&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.4.3 Fix Pack 8\" ) \nIBM QRadar SIEM| 7.5| [7.5.0 Update Pack 4](<https://www.ibm.com/support/fixcentral/swg/downloadFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.5.0&platform=Linux&function=fixId&fixids=7.5.0-QRADAR-QRSIEM-20221129155237&includeRequisites=1&includeSupersedes=0&downloadMethod=http> \"7.5.0 Update Pack 4\" ) \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2023-02-27T17:34:12", "type": "ibm", "title": "Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40528", "CVE-2022-1586", "CVE-2022-1621", "CVE-2022-1629", "CVE-2022-1785", "CVE-2022-1897", "CVE-2022-1927", "CVE-2022-22576", "CVE-2022-25314", "CVE-2022-27774", "CVE-2022-27775", "CVE-2022-27776", "CVE-2022-29824"], "modified": "2023-02-27T17:34:12", "id": "AE567113545218823FAE52D3A477168F041C0F35D4EE0A605E4BEBE15225DAAD", "href": "https://www.ibm.com/support/pages/node/6958506", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-28T01:43:22", "description": "## Summary\n\nMultiple issues were identified in Red Hat UBI(ubi8/ubi-minimal) v8.6-x packages [Golang Go, libxml2, curl, expat ,libgcrypt and IBM WebSphere Application Server Liberty] that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-24921](<https://vulners.com/cve/CVE-2022-24921>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a specially-crafted deeply nested expression, a remote attacker could exploit this vulnerability to cause a goroutine stack exhaustion, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221503](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221503>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27782](<https://vulners.com/cve/CVE-2022-27782>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by an easy connection reuse flaw for TLS and SSH. By sending a specially-crafted request using the connections in a connection pool, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226252](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226252>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-27776](<https://vulners.com/cve/CVE-2022-27776>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw when asked to send custom headers or cookies in its HTTP requests. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain authentication or cookie header data information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225296](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225296>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-27774](<https://vulners.com/cve/CVE-2022-27774>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the \"same host check\" feature during a cross protocol redirects. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225294](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225294>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-22576](<https://vulners.com/cve/CVE-2022-22576>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by improper authentication validation when reuse OAUTH2-authenticated connections. By sending a specially-crafted request using user + \"other OAUTH2 bearer\", an attacker could exploit this vulnerability to bypass access authentication validation. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225291](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225291>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-25313](<https://vulners.com/cve/CVE-2022-25313>) \n** DESCRIPTION: **libexpat is vulnerable to a denial of service, caused by stack exhaustion in build_model. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability using a large nesting depth in the DTD element to cause a denial of service. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219947](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219947>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-25314](<https://vulners.com/cve/CVE-2022-25314>) \n** DESCRIPTION: **libexpat could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the copyString function. By sending an overly-long argument, an attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219946](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219946>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-28327](<https://vulners.com/cve/CVE-2022-28327>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by improper input validaiton by the generic P-256 feature in crypto/elliptic. By sending a specially-crafted request with long scalar input, a remote attacker could exploit this vulnerability to cause a panic on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224871](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224871>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-24675](<https://vulners.com/cve/CVE-2022-24675>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a stack-based buffer overflow in encoding/pem in the Decode feature. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the program to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224866](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224866>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-22393](<https://vulners.com/cve/CVE-2022-22393>) \n** DESCRIPTION: **IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 , with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222078](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222078>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-22475](<https://vulners.com/cve/CVE-2022-22475>) \n** DESCRIPTION: **IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are vulnerable to identity spoofing by an authenticated user. IBM X-Force ID: 225603. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L) \n \n** CVEID: **[CVE-2022-29526](<https://vulners.com/cve/CVE-2022-29526>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to obtain sensitive information, caused by a flaw in the Faccessat function when called with a non-zero flags parameter. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain accessible file information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229593](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229593>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-40528](<https://vulners.com/cve/CVE-2021-40528>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to bypass security restrictions, caused by a flaw in the ElGamal implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a cross-configuration attack against OpenPGP. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s)** \n---|--- \nIBM MQ Operator| EUS release 1.3.5 and LTS Release 2.0.0 \nIBM supplied MQ Advanced container images| v9.2.0.5-r3 and v9.3.0.0-r1 \n \n\n\n## Remediation/Fixes\n\nIssues listed by this security bulletin are addressed in IBM MQ Operator 2.0.1 LTS release that included IBM supplied MQ Advanced 9.3.0.0-r2 LTS container images and IBM MQ Operator 1.3.6 EUS release that included IBM supplied MQ Advanced 9.2.0.6-r1-eus container images. \n\nIBM MQ Operator 2.0.1 LTS release details:\n\n**Image**| **Fix Version**| **Registry**| **Image Location** \n---|---|---|--- \nibm-mq-operator| 2.0.1| icr.io| icr.io/cpopen/ibm-mq-operator@sha256:46cd4f8dc9a43b1e24ff2568c6dcc63f4e3bbc0b156319b04000107ebf515d79 \nibm-mqadvanced-server| 9.3.0.0-r2| cp.icr.io| cp.icr.io/cp/ibm-mqadvanced-server@sha256:715c088260fbd033f55a3ed36718f45f5f4bc39a6d555394da28727b375d7e76 \nibm-mqadvanced-server-integration| 9.3.0.0-r2| cp.icr.io| cp.icr.io/cp/ibm-mqadvanced-server-integration@sha256:a5f900c79f073da3cdf331efeb182e413d36f31d872bb3b51d51d3dc7ac218fd \nibm-mqadvanced-server-dev| 9.3.0.0-r2| icr.io| icr.io/ibm-messaging/mq@sha256:20c1b287eeac61852d8d7d57a462f1a7aee577ab08478c24e070ee6e3e9492b0 \n \nIBM MQ Operator V.R.M EUS release details:\n\n**Image**| **Fix Version**| **Registry**| **Image Location** \n---|---|---|--- \nibm-mq-operator| 1.3.6| icr.io| icr.io/cpopen/ibm-mq-operator@sha256:567c109c33c67c4e09c6e8b7909ffb7fa4dd6fdd3814888b190959c9d0bce476 \nibm-mqadvanced-server-integration| 9.2.0.6-r1-eus| cp.icr.io| cp.icr.io/cp/ibm-mqadvanced-server-integration@sha256:a55c90166016e2fcca670d2b1c9d66f0929934ee0171b4abd078b767e458b515 \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-08-09T05:46:56", "type": "ibm", "title": "Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Golang Go, libxml2, curl, expat, libgcrypt and IBM WebSphere Application Server Liberty", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-40528", "CVE-2022-22393", "CVE-2022-22475", "CVE-2022-22576", "CVE-2022-24675", "CVE-2022-24921", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-27774", "CVE-2022-27776", "CVE-2022-27782", "CVE-2022-28327", "CVE-2022-29526", "CVE-2022-29824"], "modified": "2022-08-09T05:46:56", "id": "6949963E8F8CDBBF076CCA42C1B972D8C4F8D8949B9544DFC6B3726DC3985FF2", "href": "https://www.ibm.com/support/pages/node/6611147", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-28T01:42:32", "description": "## Summary\n\nMultiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2020-14039](<https://vulners.com/cve/CVE-2020-14039>) \n** DESCRIPTION: **Go could allow a remote attacker to bypass security restrictions, caused by improper validation on the VerifyOptions.KeyUsages EKU requirements during the X.509 certificate verification. An attacker could exploit this vulnerability to gain access to the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185443](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185443>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-15586](<https://vulners.com/cve/CVE-2020-15586>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a data race in some net/http servers. By sending specially-crafted HTTP requests, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185446](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185446>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-16845](<https://vulners.com/cve/CVE-2020-16845>) \n** DESCRIPTION: **Go Language is vulnerable to a denial of service, caused by an infinite read loop in ReadUvarint and ReadVarint in encoding/binary. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186375>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-24553](<https://vulners.com/cve/CVE-2020-24553>) \n** DESCRIPTION: **Golang Go is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the CGI/FCGI handlers. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187776](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187776>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-28362](<https://vulners.com/cve/CVE-2020-28362>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by improper input validation by the math/big.Int methods. By sending a specially-crafted inputs, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191976>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-28366](<https://vulners.com/cve/CVE-2020-28366>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by a code injection flaw in go command when cgo is in use in build time. By using a specially-crafted package, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191978](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191978>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-28367](<https://vulners.com/cve/CVE-2020-28367>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by a argument injection flaw in go command when cgo is in use in build time. By using a specially-crafted package, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191979](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191979>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-7919](<https://vulners.com/cve/CVE-2020-7919>) \n** DESCRIPTION: **Go is vulnerable to a denial of service. By sending a malformed X.509 certificate, a remote attacker could exploit this vulnerability to cause a system panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/178227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/178227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27918](<https://vulners.com/cve/CVE-2021-27918>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an infinite loop flaw when using xml.NewTokenDecoder with a custom TokenReader. By persuading a victim to open a specially-crafted XML content, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198075](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198075>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29923](<https://vulners.com/cve/CVE-2021-29923>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to bypass security restrictions, caused by improper consideration for extraneous zero characters at the beginning of an IP address octet. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access control based on IP addresses. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207025](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207025>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-3114](<https://vulners.com/cve/CVE-2021-3114>) \n** DESCRIPTION: **An unspecified error with the P224() Curve implementation can generate incorrect outputs in Golang Go has an unknown impact and attack vector. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195677](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195677>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-31525](<https://vulners.com/cve/CVE-2021-31525>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in net/http. By sending a specially-crafted header to ReadRequest or ReadResponse. Server, Transport, and Client, a remote attacker could exploit this vulnerability to cause a (panic) denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202709](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202709>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33195](<https://vulners.com/cve/CVE-2021-33195>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by not following RFC 1035 rules in the LookupCNAME, LookupSRV, LookupMX, LookupNS, and LookupAddr functions in net. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206601](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206601>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-33196](<https://vulners.com/cve/CVE-2021-33196>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the NewReader and OpenReader functions in archive/zip. By persuading a victim to open a specially-crafted archive file, a remote attacker could exploit this vulnerability to cause a panic or an unrecoverable fatal error, and results in a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206602](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206602>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33197](<https://vulners.com/cve/CVE-2021-33197>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to bypass security restrictions, caused by a flaw in the ReverseProxy in net/http/httputil. By sending a specially-crafted request, an attacker could exploit this vulnerability to drop arbitrary headers, including those set by the ReverseProxy.Director. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-33198](<https://vulners.com/cve/CVE-2021-33198>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the SetString and UnmarshalText methods of math/big.Rat. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a panic or an unrecoverable fatal error, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206604](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206604>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36221](<https://vulners.com/cve/CVE-2021-36221>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a race condition upon an ErrAbortHandler abort. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a net/http/httputil ReverseProxy panic. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207036](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207036>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-38297](<https://vulners.com/cve/CVE-2021-38297>) \n** DESCRIPTION: **Golang Go is vulnerable to a buffer overflow, caused by improper bounds checking when invoking functions from WASM modules. By passing very large arguments, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211507](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211507>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-39293](<https://vulners.com/cve/CVE-2021-39293>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw in the NewReader and OpenReader functions in archive/zip. By sending a specially-crafted archive header, a remote attacker could exploit this vulnerability to cause a panic, which results in a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220196](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220196>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-41771](<https://vulners.com/cve/CVE-2021-41771>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an out-of-bounds slice situation in the ImportedSymbols function in debug/macho. By using specially-crafted binaries, a remote attacker could exploit this vulnerability to cause a panic, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213016](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213016>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-41772](<https://vulners.com/cve/CVE-2021-41772>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an out-of-bounds slice situation in the Reader.Open function. By using a specially-crafted ZIP archive containing an invalid name or an empty filename field, a remote attacker could exploit this vulnerability to cause a panic, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213019](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213019>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-44716](<https://vulners.com/cve/CVE-2021-44716>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by an uncontrolled memory consumption in the header canonicalization cache in net/http. By sending HTTP/2 requests, a remote attacker could exploit this vulnerability to consume all available memory resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216553](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216553>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-1271](<https://vulners.com/cve/CVE-2022-1271>) \n** DESCRIPTION: **GNU gzip could allow a remote authenticated attacker to bypass security restrictions, caused by improper validation of file name by the zgrep utility. By using a specially-crafted file name, an attacker could exploit this vulnerability to write arbitrary files on the system. \nCVSS Base score: 7.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223754](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223754>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23772](<https://vulners.com/cve/CVE-2022-23772>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a buffer overflow in the Rat.SetString function in math/big. By sending a specially-crafted request, an attacker could exploit this vulnerability to consume large amount of RAM and cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219442](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219442>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-23773](<https://vulners.com/cve/CVE-2022-23773>) \n** DESCRIPTION: **An unspecified error with not treating branches with semantic-version names as releases in cmd/go in Golang Go has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219443](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219443>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-23806](<https://vulners.com/cve/CVE-2022-23806>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a flaw with IsOnCurve function returns true for invalid field elements. By sending a specially-crafted request, an attacker could exploit this vulnerability to causes a panic in ScalarMult, and results in a denial of condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219444](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219444>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-24675](<https://vulners.com/cve/CVE-2022-24675>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by a stack-based buffer overflow in encoding/pem in the Decode feature. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the program to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224866](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224866>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-24921](<https://vulners.com/cve/CVE-2022-24921>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by improper input validation. By using a specially-crafted deeply nested expression, a remote attacker could exploit this vulnerability to cause a goroutine stack exhaustion, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221503](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221503>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-26691](<https://vulners.com/cve/CVE-2022-26691>) \n** DESCRIPTION: **Apple macOS Monterey and macOS Big Sur could allow a local authenticated attacker to gain elevated privileges on the system, caused by a logic issue in the CUPS component. By using a specially-crafted application, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227437](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227437>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-28327](<https://vulners.com/cve/CVE-2022-28327>) \n** DESCRIPTION: **Golang Go is vulnerable to a denial of service, caused by improper input validaiton by the generic P-256 feature in crypto/elliptic. By sending a specially-crafted request with long scalar input, a remote attacker could exploit this vulnerability to cause a panic on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/224871](<https://exchange.xforce.ibmcloud.com/vulnerabilities/224871>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-30184](<https://vulners.com/cve/CVE-2022-30184>) \n** DESCRIPTION: **Microsoft .NET and Visual Studio could allow a remote authenticated attacker to obtain sensitive information. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227713](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227713>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-25314](<https://vulners.com/cve/CVE-2022-25314>) \n** DESCRIPTION: **libexpat could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the copyString function. By sending an overly-long argument, an attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219946](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219946>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-25313](<https://vulners.com/cve/CVE-2022-25313>) \n** DESCRIPTION: **libexpat is vulnerable to a denial of service, caused by stack exhaustion in build_model. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability using a large nesting depth in the DTD element to cause a denial of service. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219947](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219947>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-40528](<https://vulners.com/cve/CVE-2021-40528>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to bypass security restrictions, caused by a flaw in the ElGamal implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a cross-configuration attack against OpenPGP. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-23648](<https://vulners.com/cve/CVE-2022-23648>) \n** DESCRIPTION: **containerd could allow a remote attacker to obtain sensitive information, caused by a flaw in the CRI implementation. By using a specially-crafted image configuration, an attacker could exploit this vulnerability to access to read-only copies of arbitrary files and directories on the host system, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220823](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220823>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-31030](<https://vulners.com/cve/CVE-2022-31030>) \n** DESCRIPTION: **containerd is vulnerable to a denial of service, caused by a flaw in the CRI implementation. By sending a specially-crafted request using the ExecSync API, a remote attacker could exploit this vulnerability to cause containerd to consume all available memory on the computer, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/228282](<https://exchange.xforce.ibmcloud.com/vulnerabilities/228282>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-3627](<https://vulners.com/cve/CVE-2015-3627>) \n** DESCRIPTION: **A symlink vulnerability in Libcontainer and Docker Engine regarding the file-descriptor being opened prior to performing the chroot could allow a local attacker to gain elevated privileges on the system. An attacker could exploit this vulnerability using a specially crafted Dockerfile or image to gain elevated privileges on the system. \nCVSS Base score: 4.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/103092](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103092>) for the current score. \nCVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2021-41190](<https://vulners.com/cve/CVE-2021-41190>) \n** DESCRIPTION: **Open Container Initiative Distribution Specification could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when a Content-Type header changed between two pulls of the same digest. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause a client to interpret the resulting content differently. \nCVSS Base score: 3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213802](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213802>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N)\n\n## Affected Products and Versions\n\n**Affected Product(s)**| **Version(s) \n** \n---|--- \nIBM Robotic Process Automation for Cloud Pak| 21.0.1, 21.0.2, 21.0.3 \n \n \n\n\n## Remediation/Fixes\n\n**IBM strongly recommends addressing the vulnerability now.**\n\n**Product(s)**| **Version(s) number and/or range **| **Remediation/Fix/Instructions** \n---|---|--- \nIBM Robotic Process Automation for Cloud Pak| < 21.0.3.1| Follow [instructions](<https://www.ibm.com/docs/en/rpa/21.0?topic=platform-preparing-applying-upgraded-custom-resource> \"instructions\" ) to update to 21.0.3.1 (21.0.3 IF001) or higher. \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-08-25T02:03:35", "type": "ibm", "title": "Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3627", "CVE-2020-14039", "CVE-2020-15586", "CVE-2020-16845", "CVE-2020-24553", "CVE-2020-28362", "CVE-2020-28366", "CVE-2020-28367", "CVE-2020-7919", "CVE-2021-27918", "CVE-2021-29923", "CVE-2021-3114", "CVE-2021-31525", "CVE-2021-33195", "CVE-2021-33196", "CVE-2021-33197", "CVE-2021-33198", "CVE-2021-36221", "CVE-2021-38297", "CVE-2021-39293", "CVE-2021-40528", "CVE-2021-41190", "CVE-2021-41771", "CVE-2021-41772", "CVE-2021-44716", "CVE-2022-1271", "CVE-2022-23648", "CVE-2022-23772", "CVE-2022-23773", "CVE-2022-23806", "CVE-2022-24675", "CVE-2022-24921", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-26691", "CVE-2022-28327", "CVE-2022-29824", "CVE-2022-30184", "CVE-2022-31030"], "modified": "2022-08-25T02:03:35", "id": "30DC450AABD11109A70A2AFC8BA5DC8E8DEFDC385B32C17C4EE2BE3BF55721AB", "href": "https://www.ibm.com/support/pages/node/6615221", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-28T21:37:09", "description": "## Summary\n\nNetcool Operations Insight v1.6.7 contains fixes for multiple security vulnerabilities, listed in the CVEs below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-26612](<https://vulners.com/cve/CVE-2022-26612>) \n** DESCRIPTION: **Apache Hadoop for Windows could allow a remote attacker to bypass security restrictions, caused by the use of an unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes by the unTar function. By following symbolic links, an attacker could exploit this vulnerability to write arbitrary files on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/223688](<https://exchange.xforce.ibmcloud.com/vulnerabilities/223688>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-40528](<https://vulners.com/cve/CVE-2021-40528>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to bypass security restrictions, caused by a flaw in the ElGamal implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a cross-configuration attack against OpenPGP. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-31176](<https://vulners.com/cve/CVE-2022-31176>) \n** DESCRIPTION: **Grafana Image Renderer could allow a remote authenticated attacker to obtain sensitive information, caused by an unauthorized file disclosure vulnerability. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to retrieve unauthorized files under some network conditions. \nCVSS Base score: 8.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235284](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235284>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H) \n \n** CVEID: **[CVE-2022-1586](<https://vulners.com/cve/CVE-2022-1586>) \n** DESCRIPTION: **PCRE2 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read in the compile_xclass_matchingpath() function in the pcre2_jit_compile.c file. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226863](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226863>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-2526](<https://vulners.com/cve/CVE-2022-2526>) \n** DESCRIPTION: **systemd could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw due to the on_stream_io() function and dns_stream_complete() function in \"resolved-dns-stream.c\" not incrementing the reference counting for the DnsStream object. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235161](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235161>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-24434](<https://vulners.com/cve/CVE-2022-24434>) \n** DESCRIPTION: **Node.js dicer module is vulnerable to a denial of service. By sending a specially-crafted form to server, a remote attacker could exploit this vulnerability to crash the node.js service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227085](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227085>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8912](<https://vulners.com/cve/CVE-2020-8912>) \n** DESCRIPTION: **Amazon AWS S3 Crypto SDK for GoLang could allow a local authenticated attacker to bypass security restrictions, caused by a flaw in the in-band key negotiation. By sending a specially-crafted request, an attacker could exploit this vulnerability to change the encryption algorithm of an object in the bucket or obtain the authentication key used by AES-GCM. \nCVSS Base score: 2.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186760](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186760>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-46708](<https://vulners.com/cve/CVE-2021-46708>) \n** DESCRIPTION: **npm swagger-ui-dist could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217359](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-31129](<https://vulners.com/cve/CVE-2022-31129>) \n** DESCRIPTION: **Moment is vulnerable to a denial of service, caused by inefficient regular expression complexity. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/230690](<https://exchange.xforce.ibmcloud.com/vulnerabilities/230690>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-35255](<https://vulners.com/cve/CVE-2022-35255>) \n** DESCRIPTION: **Node.js could provide weaker than expected security, caused by the failure to check the return value after calls are made to EntropySource() in SecretKeyGenTraits::DoKeyGen() in src/crypto/crypto_keygen.cc. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236965](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236965>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-35256](<https://vulners.com/cve/CVE-2022-35256>) \n** DESCRIPTION: **Node.js is vulnerable to HTTP request smuggling, caused by the failure to correctly handle header fields that are not terminated with CLRF by the llhttp parser in the http module. A remote attacker could send a specially-crafted request to lead to HTTP Request Smuggling (HRS). An attacker could exploit this vulnerability to poison the web cache, bypass web application firewall protection, and conduct XSS attacks. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236964](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236964>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-22476](<https://vulners.com/cve/CVE-2022-22476>) \n** DESCRIPTION: **IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are vulnerable to identity spoofing by an authenticated user using a specially crafted request. IBM X-Force ID: 225604. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225604](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225604>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-34917](<https://vulners.com/cve/CVE-2022-34917>) \n** DESCRIPTION: **Apache Kafka is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to allocate large amounts of memory on brokers, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/236498](<https://exchange.xforce.ibmcloud.com/vulnerabilities/236498>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29446](<https://vulners.com/cve/CVE-2021-29446>) \n** DESCRIPTION: **jose-node-cjs-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200209](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200209>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-37404](<https://vulners.com/cve/CVE-2021-37404>) \n** DESCRIPTION: **Apache Hadoop is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the libhdfs native code. By opening a specially-crafted file path, a remote attacker could overflow a buffer and execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/228636](<https://exchange.xforce.ibmcloud.com/vulnerabilities/228636>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-25168](<https://vulners.com/cve/CVE-2022-25168>) \n** DESCRIPTION: **Apache Hadoop could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper input file name validation by the FileUtil.unTar(File, File) API. By sending specially-crafted arguments, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/232807](<https://exchange.xforce.ibmcloud.com/vulnerabilities/232807>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-33987](<https://vulners.com/cve/CVE-2022-33987>) \n** DESCRIPTION: **Node.js got module could allow a remote attacker to bypass security restrictions, caused by an unspecified. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a redirect to a UNIX socket. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229246](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229246>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-29445](<https://vulners.com/cve/CVE-2021-29445>) \n** DESCRIPTION: **jose-node-esm-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200210](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200210>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2017-1000048](<https://vulners.com/cve/CVE-2017-1000048>) \n** DESCRIPTION: **Ljharb qs is vulnerable to a denial of service. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130305](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130305>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-24329](<https://vulners.com/cve/CVE-2022-24329>) \n** DESCRIPTION: **JetBrains Kotlin could provide weaker than expected security, caused by failing to lock dependencies for Multiplatform Gradle Projects. A remote attacker could exploit this vulnerability to launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220617](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220617>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-28169](<https://vulners.com/cve/CVE-2021-28169>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by a flaw in the ConcatServlet. By sending a specially-crafted request using a doubly encoded path, an attacker could exploit this vulnerability to obtain sensitive information from protected resources within the WEB-INF directory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203492](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203492>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-34428](<https://vulners.com/cve/CVE-2021-34428>) \n** DESCRIPTION: **Eclipse Jetty could allow a physical attacker to bypass security restrictions, caused by a session ID is not invalidated flaw when an exception is thrown from the SessionListener#sessionDestroyed() method. By gaining access to the application on the shared computer, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 3.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204227](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204227>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-28163](<https://vulners.com/cve/CVE-2021-28163>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw when the ${jetty.base} directory or the ${jetty.base}/webapps directory is a symlink. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain webapp directory contents information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 2.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199303>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-28164](<https://vulners.com/cve/CVE-2021-28164>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by improper input validation by the default compliance mode. By sending specially-crafted requests with URIs that contain %2e or %2e%2e segments, an attacker could exploit this vulnerability to access protected resources within the WEB-INF directory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199304](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199304>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-34429](<https://vulners.com/cve/CVE-2021-34429>) \n** DESCRIPTION: **Eclipse Jetty could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially-crafted URI, an attacker could exploit this vulnerability to obtain the content of the WEB-INF directory, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205596](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205596>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-28165](<https://vulners.com/cve/CVE-2021-28165>) \n** DESCRIPTION: **Eclipse Jetty is vulnerable to a denial of service, caused by improper input valistion. By sending a specially-crafted TLS frame, a remote attacker could exploit this vulnerability to cause CPU resources to reach to 100% usage. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199305](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199305>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-15168](<https://vulners.com/cve/CVE-2020-15168>) \n** DESCRIPTION: **Node.js node-fetch module is vulnerable to a denial of service, caused by the failure to honor the size option after following a redirect. By using a specially-crafted file, a remote attacker could exploit this vulnerability to consume excessive resource on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188155](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188155>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29444](<https://vulners.com/cve/CVE-2021-29444>) \n** DESCRIPTION: **jose-browser-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200211](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200211>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-3737](<https://vulners.com/cve/CVE-2021-3737>) \n** DESCRIPTION: **Python is vulnerable to a denial of service, caused by improper handling of HTTP response in the HTTP client code. By persuading a victim to visit a specially-crafted web site, a remote attacker could exploit this vulnerability to cause the client script enter an infinite loop, and results in a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213407](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213407>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-4189](<https://vulners.com/cve/CVE-2021-4189>) \n** DESCRIPTION: **Python could allow a remote attacker to obtain sensitive information, caused by a flaw when using the FTP client library in PASV (passive) mode. By using a specially-crafted FTP server, an attacker could exploit this vulnerability to obtain service banner information from private network., and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227269](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227269>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2022-36944](<https://vulners.com/cve/CVE-2022-36944>) \n** DESCRIPTION: **Scala could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in LazyList. By sending specially-crafted request using gadget chain, an attacker could exploit this vulnerability to execute arbitrary code, erase contents of arbitrary files or make network connections. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/237018](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237018>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-9488](<https://vulners.com/cve/CVE-2020-9488>) \n** DESCRIPTION: **Apache Log4j is vulnerable to a man-in-the-middle attack, caused by improper certificate validation with host mismatch in the SMTP appender. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/180824](<https://exchange.xforce.ibmcloud.com/vulnerabilities/180824>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-9493](<https://vulners.com/cve/CVE-2020-9493>) \n** DESCRIPTION: **Apache Chainsaw could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw when reading the log events. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203829](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203829>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23307](<https://vulners.com/cve/CVE-2022-23307>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization in the in Apache Chainsaw component. By sending specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2015-8861](<https://vulners.com/cve/CVE-2015-8861>) \n** DESCRIPTION: **Node.js handlebars module could allow a remote attacker to execute arbitrary code on the system, caused by the failure to use quotes around attributes in handlebar templates. An attacker could exploit this vulnerability to inject and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/112576](<https://exchange.xforce.ibmcloud.com/vulnerabilities/112576>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-19919](<https://vulners.com/cve/CVE-2019-19919>) \n** DESCRIPTION: **Node.js handlebars could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially crafted payload, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173388](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173388>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-20920](<https://vulners.com/cve/CVE-2019-20920>) \n** DESCRIPTION: **Node.js handlebars module could allow a remote attacker to execute arbitrary code on the system, caused by the improper validation of the templates by the lookup helper. By sending specially-crafted templates, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171569](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171569>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-20922](<https://vulners.com/cve/CVE-2019-20922>) \n** DESCRIPTION: **Node.js handlebars module is vulnerable to a denial of service, caused by an endless loop issue when handling templates. By sending specially-crafted templates, a remote attacker could exploit this vulnerability to exhaust available system resources. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/170971](<https://exchange.xforce.ibmcloud.com/vulnerabilities/170971>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-23369](<https://vulners.com/cve/CVE-2021-23369>) \n** DESCRIPTION: **Node.js handlebars module could allow a remote attacker to execute arbitrary code on the system, caused by a flaw when selecting certain compiling options to compile templates coming from an untrusted source.. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199768](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199768>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-23383](<https://vulners.com/cve/CVE-2021-23383>) \n** DESCRIPTION: **handlebars could allow a remote attacker to execute arbitrary code on the system, caused by prototype pollution when selecting certain compiling options to compile templates coming from an untrusted source. By sending a a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-1320](<https://vulners.com/cve/CVE-2018-1320>) \n** DESCRIPTION: **Apache Thrift could allow a remote attacker to bypass security restrictions, caused by the disablement of an assert used to determine if the SASL handshake had successfully completed. An attacker could exploit this vulnerability to bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155199](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155199>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-0205](<https://vulners.com/cve/CVE-2019-0205>) \n** DESCRIPTION: **Apache Thrift is vulnerable to a denial of service, caused by an error when processing untrusted Thrift payload. A remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-28168](<https://vulners.com/cve/CVE-2021-28168>) \n** DESCRIPTION: **Eclipse Jersey could allow a local attacker to obtain sensitive information, caused by use of the File.createTempFile. An attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200601](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200601>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-44906](<https://vulners.com/cve/CVE-2021-44906>) \n** DESCRIPTION: **Node.js Minimist module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in setKey() function in the index.js script. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222195](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222195>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-22576](<https://vulners.com/cve/CVE-2022-22576>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by improper authentication validation when reuse OAUTH2-authenticated connections. By sending a specially-crafted request using user + \"other OAUTH2 bearer\", an attacker could exploit this vulnerability to bypass access authentication validation. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225291](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225291>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-27774](<https://vulners.com/cve/CVE-2022-27774>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the \"same host check\" feature during a cross protocol redirects. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain credentials information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225294](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225294>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-27776](<https://vulners.com/cve/CVE-2022-27776>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw when asked to send custom headers or cookies in its HTTP requests. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain authentication or cookie header data information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225296](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225296>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-27782](<https://vulners.com/cve/CVE-2022-27782>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by an easy connection reuse flaw for TLS and SSH. By sending a specially-crafted request using the connections in a connection pool, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/226252](<https://exchange.xforce.ibmcloud.com/vulnerabilities/226252>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-32206](<https://vulners.com/cve/CVE-2022-32206>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a denial of service, caused by a flaw in the number of acceptable \"links\" in the \"chained\" HTTP compression algorithms. By persuading a victim to connect a specially-crafted server, a remote attacker could exploit this vulnerability to insert a virtually unlimited number of compression steps, and results in a denial of service condition. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229740](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229740>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-32208](<https://vulners.com/cve/CVE-2022-32208>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a man-in-the-middle attack, caused by a flaw in the handling of message verification failures. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to inject data to the client.. \nCVSS Base score: 3.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/229742](<https://exchange.xforce.ibmcloud.com/vulnerabilities/229742>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-17571](<https://vulners.com/cve/CVE-2019-17571>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by improper deserialization of untrusted data in SocketServer. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173314](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173314>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23305](<https://vulners.com/cve/CVE-2022-23305>) \n** DESCRIPTION: **Apache Log4j is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the JDBCAppender, which could allow the attacker to view, add, modify or delete information in the back-end database. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217461](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217461>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2022-23302](<https://vulners.com/cve/CVE-2022-23302>) \n** DESCRIPTION: **Apache Log4j could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in JMSSink. By sending specially-crafted JNDI requests using TopicConnectionFactoryBindingName configuration, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217460](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217460>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4104](<https://vulners.com/cve/CVE-2021-4104>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data when the attacker has write access to the Log4j configuration. If the deployed application is configured to use JMSAppender, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/215048](<https://exchange.xforce.ibmcloud.com/vulnerabilities/215048>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3121](<https://vulners.com/cve/CVE-2021-3121>) \n** DESCRIPTION: **An unspecified error with the lack of certain index validation, aka the skippy peanut butter issue in GoGo Protobuf has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194539](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194539>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-35380](<https://vulners.com/cve/CVE-2020-35380>) \n** DESCRIPTION: **GJSON is vulnerable to a denial of service. By using a specially-crafted JSON, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193250](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193250>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-42836](<https://vulners.com/cve/CVE-2021-42836>) \n** DESCRIPTION: **GJSON is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted JSON, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211919](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211919>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-42248](<https://vulners.com/cve/CVE-2021-42248>) \n** DESCRIPTION: **GJSON is vulnerable to a denial of service, caused by a flaw in the gjson.Get function. By sending a specially-crafted JSON input, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227236](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227236>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-44832](<https://vulners.com/cve/CVE-2021-44832>) \n** DESCRIPTION: **Apache Log4j could allow a remote attacker with permission to modify the logging configuration file to execute arbitrary code on the system. By constructing a malicious configuration using a JDBC Appender with a data source referencing a JNDI URI , an attacker could exploit this vulnerability to execute remote code. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/216189](<https://exchange.xforce.ibmcloud.com/vulnerabilities/216189>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** IBM X-Force ID: **213969 \n** DESCRIPTION: **Node.js ioredis module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 4.2 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/213969 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213969>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L) \n \n** IBM X-Force ID: **237819 \n** DESCRIPTION: **Node.js moment-timezone module could allow a remote attacker to execute arbitrary commands on the system, caused by a command injection vulnerability in the grunt-zdownload.js, data-zdump.js, and data-zic.js scripts. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/237819 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/237819>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** IBM X-Force ID: **220573 \n** DESCRIPTION: **FasterXML Woodstox could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations. By using a specially-crafted XML content, a remote attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/220573 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220573>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** IBM X-Force ID: **177835 \n** DESCRIPTION: **Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input. An attacker could exploit this vulnerability using a method call to obtain sensitive information. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [https://exchange.xforce.ibmcloud.com/vulnerabilities/177835 ](<https://exchange.xforce.ibmcloud.com/vulnerabilities/177835>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nNetcool Operations Insight| 1.4.x \nNetcool Operations Insight| 1.5.x \nNetcool Operations Insight| 1.6.x \n \n\n\n## Remediation/Fixes\n\nAs per CVEs listed above \n\nIBM strongly suggests the following remediation / fixes:\n\nNetcool Operations Insight v1.6.7 can be deployed on-premises, on a supported cloud platform, or on a hybrid cloud and on-premises architecture. \n\nPlease go to [https://www.ibm.com/docs/en/noi/1.6.7?topic=installing](<https://www.ibm.com/docs/en/noi/1.6.4?topic=installing>) to follow the installation instructions relevant to your chosen architecture.\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-12-15T09:13:44", "type": "ibm", "title": "Security Bulletin: Netcool Operations Insight v1.6.7 contains fixes for multiple security vulnerabilities.", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8861", "CVE-2017-1000048", "CVE-2018-1320", "CVE-2019-0205", "CVE-2019-17571", "CVE-2019-19919", "CVE-2019-20920", "CVE-2019-20922", "CVE-2020-13956", "CVE-2020-15168", "CVE-2020-35380", "CVE-2020-8912", "CVE-2020-9488", "CVE-2020-9493", "CVE-2021-23369", "CVE-2021-23383", "CVE-2021-28163", "CVE-2021-28164", "CVE-2021-28165", "CVE-2021-28168", "CVE-2021-28169", "CVE-2021-29444", "CVE-2021-29445", "CVE-2021-29446", "CVE-2021-3121", "CVE-2021-34428", "CVE-2021-34429", "CVE-2021-3737", "CVE-2021-37404", "CVE-2021-40528", "CVE-2021-4104", "CVE-2021-4189", "CVE-2021-42248", "CVE-2021-42836", "CVE-2021-44832", "CVE-2021-44906", "CVE-2021-46708", "CVE-2022-1586", "CVE-2022-22476", "CVE-2022-22576", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2022-24329", "CVE-2022-24434", "CVE-2022-25168", "CVE-2022-2526", "CVE-2022-26612", "CVE-2022-27774", "CVE-2022-27776", "CVE-2022-27782", "CVE-2022-29824", "CVE-2022-31129", "CVE-2022-31176", "CVE-2022-32206", "CVE-2022-32208", "CVE-2022-33987", "CVE-2022-34917", "CVE-2022-35255", "CVE-2022-35256", "CVE-2022-36944"], "modified": "2022-12-15T09:13:44", "id": "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "href": "https://www.ibm.com/support/pages/node/6848225", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-02-28T21:35:26", "description": "## Summary\n\nIBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security (CP4S).\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-29824](<https://vulners.com/cve/CVE-2022-29824>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2022-23308](<https://vulners.com/cve/CVE-2022-23308>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a use-after-free in the ID and IDREF attributes. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/220772](<https://exchange.xforce.ibmcloud.com/vulnerabilities/220772>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-36087](<https://vulners.com/cve/CVE-2021-36087>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a heap-based buffer over-read in ebitmap_match_any. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204796](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204796>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36086](<https://vulners.com/cve/CVE-2021-36086>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in cil_reset_classpermission . By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204795>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36085](<https://vulners.com/cve/CVE-2021-36085>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in __cil_verify_classperms. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204794](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204794>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36084](<https://vulners.com/cve/CVE-2021-36084>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in __cil_verify_classperms. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204792](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204792>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-17595](<https://vulners.com/cve/CVE-2019-17595>) \n** DESCRIPTION: **GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-17594](<https://vulners.com/cve/CVE-2019-17594>) \n** DESCRIPTION: **GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168970](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168970>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-20270](<https://vulners.com/cve/CVE-2021-20270>) \n** DESCRIPTION: **Pygments is vulnerable to a denial of service, caused by an infinite loop in SMLLexer. By performing syntax highlighting of an SML source file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27291](<https://vulners.com/cve/CVE-2021-27291>) \n** DESCRIPTION: **pygments is vulnerable to a denial of service. By persuading a victim to open a specially-crafted ODIN file using the \"<\" character, a remote attacker could exploit this vulnerability to cause the application to process the file for an extended time. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198308](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198308>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-20673](<https://vulners.com/cve/CVE-2018-20673>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the demangle_template function in cplus-dem.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155168](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155168>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2022-23457](<https://vulners.com/cve/CVE-2022-23457>) \n** DESCRIPTION: **ESAPI could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)`. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass control-flow. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225192](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225192>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-24891](<https://vulners.com/cve/CVE-2022-24891>) \n** DESCRIPTION: **ESAPI is vulnerable to cross-site scripting, caused by incorrect regular expression for onsiteURL in the antisamy-esapi.xml configuration file. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/225344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/225344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-13435](<https://vulners.com/cve/CVE-2020-13435>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by flaw in the sqlite3ExprCodeTarget function in expr.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a segmentation fault. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182406](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182406>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-19603](<https://vulners.com/cve/CVE-2019-19603>) \n** DESCRIPTION: **An error during handling of CREATE TABLE and CREATE VIEW statements in SQLite has an unknown impact via a specially crafted table name. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172765](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172765>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-5827](<https://vulners.com/cve/CVE-2019-5827>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds access in SQLite. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160450](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160450>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-13751](<https://vulners.com/cve/CVE-2019-13751>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by uninitialized use in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information from process memory. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172987](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172987>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-13750](<https://vulners.com/cve/CVE-2019-13750>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass defense-in-depth measures. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172986](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172986>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2022-36083](<https://vulners.com/cve/CVE-2022-36083>) \n** DESCRIPTION: **Node.js jose module is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request using the p2c JOSE Header Parameter, a remote attacker could exploit this vulnerability to consume unreasonable amount of CPU time, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235579](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235579>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2022-23219](<https://vulners.com/cve/CVE-2022-23219>) \n** DESCRIPTION: **GNU C Library (aka glibc) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the clnt_create function in the sunrpc module. By sending a specially-crafted hostname argument, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system. \nCVSS Base score: 8.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217303>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-23218](<https://vulners.com/cve/CVE-2022-23218>) \n** DESCRIPTION: **GNU C Library (aka glibc) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the svcunix_create function in the sunrpc module. By sending a specially-crafted path argument, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system. \nCVSS Base score: 8.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3999](<https://vulners.com/cve/CVE-2021-3999>) \n** DESCRIPTION: **GNU glibc is vulnerable to an off-by-one buffer overflow and underflow, caused by improper bounds checking by the getcwd() function. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 8.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217981](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217981>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35942](<https://vulners.com/cve/CVE-2021-35942>) \n** DESCRIPTION: **GNU C Library (aka glibc) could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted, crafted pattern in thewordexp function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain read arbitrary memory in parse_param (in posix/wordexp.c), or cause the application to crash. \nCVSS Base score: 7.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-33574](<https://vulners.com/cve/CVE-2021-33574>) \n** DESCRIPTION: **GNU C Library (aka glibc) is vulnerable to a denial of service, caused by a use-after-free flaw in the mq_notify function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202550>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27645](<https://vulners.com/cve/CVE-2021-27645>) \n** DESCRIPTION: **GNU glibc is vulnerable to a denial of service, caused by double-free in the nameserver caching daemon (nscd). By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197417>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-25032](<https://vulners.com/cve/CVE-2018-25032>) \n** DESCRIPTION: **Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many distant matches, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222615](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222615>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23177](<https://vulners.com/cve/CVE-2021-23177>) \n** DESCRIPTION: **libarchive could allow a local attacker to gain elevated privileges on the system, caused by an improper link resolution flaw. By using a specially-crafted archive file, an attacker could exploit this vulnerability to change the ACL of a file on the system and gain elevated privileges. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222216](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222216>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L) \n \n** CVEID: **[CVE-2021-31566](<https://vulners.com/cve/CVE-2021-31566>) \n** DESCRIPTION: **libarchive could allow a local attacker to gain elevated privileges on the system, caused by an improper link resolution flaw. By using a specially-crafted archive file, an attacker could exploit this vulnerability to change modes, times, access control lists, and flags of a file on the system to gain elevated privileges. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/222218](<https://exchange.xforce.ibmcloud.com/vulnerabilities/222218>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2022-25878](<https://vulners.com/cve/CVE-2022-25878>) \n** DESCRIPTION: **Node.js protobufjs module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/227327](<https://exchange.xforce.ibmcloud.com/vulnerabilities/227327>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L) \n \n** CVEID: **[CVE-2020-12762](<https://vulners.com/cve/CVE-2020-12762>) \n** DESCRIPTION: **json-c could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow and out-of-bounds write. By persuading a victim to run a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182094](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182094>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-4122](<https://vulners.com/cve/CVE-2021-4122>) \n** DESCRIPTION: **Cryptsetup could allow a physical attacker to obtain sensitive information, caused by a flaw in the LUKS2 online reencryption is an optional extension. By modifying on-disk metadata to simulate decryption in progress with crashed (unfinished) reencryption step, an attacker could exploit this vulnerability to decrypt part of the LUKS device to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/217238](<https://exchange.xforce.ibmcloud.com/vulnerabilities/217238>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-40528](<https://vulners.com/cve/CVE-2021-40528>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to bypass security restrictions, caused by a flaw in the ElGamal implementation. By sending a specially-crafted request, an attacker could exploit this vulnerability to perform a cross-configuration attack against OpenPGP. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208744](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208744>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-33560](<https://vulners.com/cve/CVE-2021-33560>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to obtain sensitive information, caused by improper handling of ElGamal encryption. By using side-channel attack techniques against mpi_powm, and the window size, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203266](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203266>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-37616](<https://vulners.com/cve/CVE-2022-37616>) \n** DESCRIPTION: **xmldom could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the dom.js script. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/238439](<https://exchange.xforce.ibmcloud.com/vulnerabilities/238439>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-28153](<https://vulners.com/cve/CVE-2021-28153>) \n** DESCRIPTION: **GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink. By persuading a victim to open a specially-crafted ZIP archive, an attacker could exploit this vulnerability to overwrite arbitrary files on the sytem. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198147](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198147>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-3800](<https://vulners.com/cve/CVE-2021-3800>) \n** DESCRIPTION: **GNOME GLib could allow a local attacker to obtain sensitive information, caused by a random charset alias issue. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain content from files owned by privileged users, and use this information to launch further attacks against the affected system. \nCVSS Base score: 4.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-3572](<https://vulners.com/cve/CVE-2021-3572>) \n** DESCRIPTION: **pip package for python could allow a remote authenticated attacker to bypass security restrictions, caused by the improper handling of Unicode separators in git references. By creating a specially crafted tag, an attacker could exploit this vulnerability to install a different revision on a repository. \nCVSS Base score: 4.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208954>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-42771](<https://vulners.com/cve/CVE-2021-42771>) \n** DESCRIPTION: **Python-Babel Babel could allow a local authenticated attacker to traverse directories on the system, caused by a flaw in the Babel.Locale function. An attacker could load a specially-crafted .dat file containing \"dot dot\" sequences (/../) to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211766](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211766>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-20838](<https://vulners.com/cve/CVE-2019-20838>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a buffer over-read in JIT. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-14155](<https://vulners.com/cve/CVE-2020-14155>) \n** DESCRIPTION: **PCRE could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in libpcre. By sending a request with a large number, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183499](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183499>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-28493](<https://vulners.com/cve/CVE-2020-28493>) \n** DESCRIPTION: **Pallets jinja2 is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the email regex. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195894](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195894>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3200](<https://vulners.com/cve/CVE-2021-3200>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a buffer overflow in the testcase_read function. By persuading a victim to open a specially file, a remote attacker could overflow a buffer and cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203837](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203837>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-25214](<https://vulners.com/cve/CVE-2021-25214>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by a broken inbound incremental zone update (IXFR). By sending a specially crafted IXFR, an attacker could exploit this vulnerability to trigger a failed assertion check and terminate the named process. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200961](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200961>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-25219](<https://vulners.com/cve/CVE-2021-25219>) \n** DESCRIPTION: **ISC BIND is vulnerable to a denial of service, caused by a flaw in response processing. By abusing a lame cache, an attacker could exploit this vulnerability to cause a named resolver to spend most of its CPU time on managing and checking the lame cache and severely degrade resolver performance. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212375](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212375>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-36049](<https://vulners.com/cve/CVE-2020-36049>) \n** DESCRIPTION: **Socket.IO socket.io-parser is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause a memory consumption, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/194533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/194533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29446](<https://vulners.com/cve/CVE-2021-29446>) \n** DESCRIPTION: **jose-node-cjs-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200209](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200209>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-29445](<https://vulners.com/cve/CVE-2021-29445>) \n** DESCRIPTION: **jose-node-esm-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200210](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200210>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-29444](<https://vulners.com/cve/CVE-2021-29444>) \n** DESCRIPTION: **jose-browser-runtime could allow a remote attacker to obtain sensitive information, caused by observable timing discrepancy in AES_CBC_HMAC_SHA2 Algorithm. By performing a padding oracle attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/200211](<https://exchange.xforce.ibmcloud.com/vulnerabilities/200211>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2022-0778](<https://vulners.com/cve/CVE-2022-0778>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a flaw in the BN_mod_sqrt() function when parsing certificates. By using a specially-crafted certificate with invalid explicit curve parameters, a remote attacker could exploit this vulnerability to cause an infinite loop, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221911](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221911>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23841](<https://vulners.com/cve/CVE-2021-23841>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by a NULL pointer dereference in the X509_issuer_and_serial_hash() function. By parsing the issuer field, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196847>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-23840](<https://vulners.com/cve/CVE-2021-23840>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196848](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196848>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3712](<https://vulners.com/cve/CVE-2021-3712>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read when processing ASN.1 strings. By sending specially crafted data, an attacker could exploit this vulnerability to read contents of memory on the system or perform a denial of service attack. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-3445](<https://vulners.com/cve/CVE-2021-3445>) \n** DESCRIPTION: **libdnf could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in signature verification functionality. By placing a signature in the main header, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203146](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203146>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24370](<https://vulners.com/cve/CVE-2020-24370>) \n** DESCRIPTION: **Lua is vulnerable to a denial of service, caused by a negation overflow and segmentation fault in getlocal and setlocal. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186868](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186868>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-16135](<https://vulners.com/cve/CVE-2020-16135>) \n** DESCRIPTION: **Libssh is vulnerable to a denial of service, caused by a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186148](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186148>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3634](<https://vulners.com/cve/CVE-2021-3634>) \n** DESCRIPTION: **libssh is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By sending a specially-crafted request, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208281](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208281>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-32677](<https://vulners.com/cve/CVE-2021-32677>) \n** DESCRIPTION: **FastAPI is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a specially crafted Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203856](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203856>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2022-25893](<https://vulners.com/cve/CVE-2022-25893>) \n** DESCRIPTION: **Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw in the WeakMap.prototype.set method. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/243455](<https://exchange.xforce.ibmcloud.com/vulnerabilities/243455>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2022-36067](<https://vulners.com/cve/CVE-2022-36067>) \n** DESCRIPTION: **Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a sandbox protections bypass flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 10 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/235472](<https://exchange.xforce.ibmcloud.com/vulnerabilities/235472>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3521](<https://vulners.com/cve/CVE-2021-3521>) \n** DESCRIPTION: **RPM Project RPM could allow a remote attacker to bypass security restrictions, caused by improper validation the binding signature of subkeys prior to importing them. By persuading a victim to add a specially-crafted subkey to a legitimate public key, an attacker could exploit this vulnerability cause the victim to trust a malicious signature. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213411](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213411>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-20266](<https://vulners.com/cve/CVE-2021-20266>) \n** DESCRIPTION: **RPM Project RPM is vulnerable to a denial of service, caused by an out-of-bounds read flaw in the hdrblobInit function in lib/header.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201041](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201041>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13950](<https://vulners.com/cve/CVE-2020-13950>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference. By sending specially crafted requests using both Content-Length and Transfer-Encoding headers, a remote attacker could exploit this vulnerability to crash mod_proxy_http. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCloud Pak for Security (CP4S)| 1.10.0.0 - 1.10.6.0 \n \n \n\n\n## Remediation/Fixes\n\nIBM encourages customers to update their systems promptly. \n\nPlease upgrade to at least CP4S 1.10.7.0 following these instructions: <https://www.ibm.com/docs/en/cloud-paks/cp-security/1.10?topic=installing-upgrading-cloud-pak-security>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2023-01-19T13:54:16", "type": "ibm", "title": "Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20673", "CVE-2018-25032", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-19603", "CVE-2019-20838", "CVE-2019-5827", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-13950", "CVE-2020-14155", "CVE-2020-16135", "CVE-2020-24370", "CVE-2020-28493", "CVE-2020-36049", "CVE-2021-20266", "CVE-2021-20270", "CVE-2021-23177", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-25214", "CVE-2021-25219", "CVE-2021-27291", "CVE-2021-27645", "CVE-2021-28153", "CVE-2021-29444", "CVE-2021-29445", "CVE-2021-29446", "CVE-2021-31566", "CVE-2021-3200", "CVE-2021-32677", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-3445", "CVE-2021-3521", "CVE-2021-3572", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-3634", "CVE-2021-3712", "CVE-2021-3800", "CVE-2021-3999", "CVE-2021-40528", "CVE-2021-4122", "CVE-2021-42771", "CVE-2022-0778", "CVE-2022-23218", "CVE-2022-23219", "CVE-2022-23308", "CVE-2022-23457", "CVE-2022-24891", "CVE-2022-25878", "CVE-2022-25893", "CVE-2022-29824", "CVE-2022-36067", "CVE-2022-36083", "CVE-2022-37616"], "modified": "2023-01-19T13:54:16", "id": "C9A62458FFCDA7D13068BA51A14F3364875030AD9E3379B54C1EB8EAA4DD8D49", "href": "https://www.ibm.com/support/pages/node/6856409", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-08T21:32:54", "description": "## Summary\n\nCloud Pak for Security (CP4S) v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2015-8985](<https://vulners.com/cve/CVE-2015-8985>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by a flaw in the pop_fail_stack function. By using a specially crafted extended regular expression, a remote attacker could cause an assertion failure and application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126591](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126591>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-8984](<https://vulners.com/cve/CVE-2015-8984>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by an out-of-bounds read in the fnmatch function. By using a malformed pattern, a remote attacker could cause the application crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126595](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126595>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3426](<https://vulners.com/cve/CVE-2021-3426>) \n** DESCRIPTION: **Python pydoc module could allow a remote attacker from within the local network obtain sensitive information. By starting the pydoc server, an attacker could exploit this vulnerability to extract arbitrary files. \nCVSS Base score: 5.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201171](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201171>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2007-3716](<https://vulners.com/cve/CVE-2007-3716>) \n** DESCRIPTION: **Sun JRE (Java Runtime Environment) and JDK (Java Developer's Kit) could allow a remote attacker to execute arbitrary code on the system, caused by a vulnerability in the XML Digital Signature implementation. By sending a specially-crafted XML signature containing a malicious XSLT stylesheet, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the application's permissions. \nCVSS Base score: 5.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/35332](<https://exchange.xforce.ibmcloud.com/vulnerabilities/35332>) for the current score. \nCVSS Vector: \n \n** CVEID: **[CVE-2017-18018](<https://vulners.com/cve/CVE-2017-18018>) \n** DESCRIPTION: **GNU Coreutils could allow a local attacker to bypass security restrictions, caused by not preventing replacement of a plain file with a symlink issue in chown-core.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to modify the ownership of arbitrary files. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/137123](<https://exchange.xforce.ibmcloud.com/vulnerabilities/137123>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-17101](<https://vulners.com/cve/CVE-2018-17101>) \n** DESCRIPTION: **LibTIFF is vulnerable to a denial of service, caused by an out-of-bounds write in cpTags in tools/tiff2bw.c and tools/pal2rgb.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149976](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149976>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-10001](<https://vulners.com/cve/CVE-2020-10001>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to obtain sensitive information, caused by improper input validation by the CUPS component. By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to obtain restricted memory information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199353](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199353>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-35448](<https://vulners.com/cve/CVE-2020-35448>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c in the Binary File Descriptor (BFD) library (aka libbfd). By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-26927](<https://vulners.com/cve/CVE-2021-26927>) \n** DESCRIPTION: **JasPer is vulnerable to a denial of service, caused by a NULL pointer dereference in jp2_decode in jp2_dec.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197351](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197351>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-28153](<https://vulners.com/cve/CVE-2021-28153>) \n** DESCRIPTION: **GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink. By persuading a victim to open a specially-crafted ZIP archive, an attacker could exploit this vulnerability to overwrite arbitrary files on the sytem. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198147](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198147>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2017-13728](<https://vulners.com/cve/CVE-2017-13728>) \n** DESCRIPTION: **GNU ncurses is vulnerable to a denial of service, caused by an error in the next_char function in comp_scan.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131172](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131172>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7613](<https://vulners.com/cve/CVE-2017-7613>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124513](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124513>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7612](<https://vulners.com/cve/CVE-2017-7612>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in the check_sysv_hash function in elflint.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124512](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124512>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7611](<https://vulners.com/cve/CVE-2017-7611>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in check_symtab_shndx function in elflint.c . By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124511](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124511>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7610](<https://vulners.com/cve/CVE-2017-7610>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read check_group function in elflint.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124510](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124510>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7609](<https://vulners.com/cve/CVE-2017-7609>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory consumption in elf_compress.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124509](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124509>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7608](<https://vulners.com/cve/CVE-2017-7608>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read in ebl_object_note_type_name function in eblobjnotetypename.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7607](<https://vulners.com/cve/CVE-2017-7607>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by heap-based buffer over-read handle_gnu_hash function in readelf.c. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124507](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124507>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-10255](<https://vulners.com/cve/CVE-2016-10255>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in __libelf_set_rawdata_wrlock function in elf_getdata.c. By persuading a victim to open a specially crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-10254](<https://vulners.com/cve/CVE-2016-10254>) \n** DESCRIPTION: **Elfutils is vulnerable to a denial of service, caused by memory allocation failure in allocate_elf function in common.h. By persuading a victim to open a crafted ELF file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/124086](<https://exchange.xforce.ibmcloud.com/vulnerabilities/124086>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-14062](<https://vulners.com/cve/CVE-2017-14062>) \n** DESCRIPTION: **Libidn2 is vulnerable to a denial of service, caused by an integer overflow in the decode_digit function in puny_decode.c. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131302](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131302>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7246](<https://vulners.com/cve/CVE-2017-7246>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a stack-based buffer overflow flaw in the pcre32_copy_substring function in pcre_get.c in libpcre1. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash or other unspecified impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123733>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-7245](<https://vulners.com/cve/CVE-2017-7245>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a stack-based buffer overflow flaw in the pcre32_copy_substring function in pcre_get.c in libpcre1. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash or other unspecified impact. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123732](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123732>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-4984](<https://vulners.com/cve/CVE-2016-4984>) \n** DESCRIPTION: **openldap-servers could allow a local authenticated attacker to obtain sensitive information, caused by a weak permission for /usr/libexec/openldap/generate-server-cert.sh issue. By leveraging a race condition between the creation of the certificate, a local attacker could exploit this vulnerability to obtain the TLS certificate. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129440](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129440>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-9318](<https://vulners.com/cve/CVE-2016-9318>) \n** DESCRIPTION: **Libxml2 could allow a remote attacker to obtain sensitive information, caused by failure to offer a flag directly indicating the status of current document. By using a specially-crafted document to conduct a XML external entity (XXE) attack, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/119018](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119018>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-4493](<https://vulners.com/cve/CVE-2016-4493>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) is vulnerable to a denial of service, caused by a read access violation in demangle_template_value_parm and do_hpacc_template_literal functions in cplus-dem.c in libiberty. An attacker could exploit this vulnerability using a specially crafted binary to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116387](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116387>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-13685](<https://vulners.com/cve/CVE-2017-13685>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the dump_callback function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131204](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131204>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-20483](<https://vulners.com/cve/CVE-2018-20483>) \n** DESCRIPTION: **GNU Wget could allow a local authenticated attacker to obtain sensitive information, caused by the storing of the origin URL in the user.xdg.origin.url metadata in the set_file_metadata function in xattr.c. By reading the metadata attribute, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/154793](<https://exchange.xforce.ibmcloud.com/vulnerabilities/154793>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-30720](<https://vulners.com/cve/CVE-2021-30720>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to access restricted ports on arbitrary servers. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-8908](<https://vulners.com/cve/CVE-2020-8908>) \n** DESCRIPTION: **Guava could allow a remote authenticated attacker to bypass security restrictions, caused by a temp directory creation vulnerability in com.google.common.io.Files.createTempDir(). By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192996](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192996>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-10707](<https://vulners.com/cve/CVE-2016-10707>) \n** DESCRIPTION: **jQuery is vulnerable to a denial of service, caused by removing a logic that lowercased attribute names. By using a mixed-cased name for boolean attributes, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138030](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138030>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-18074](<https://vulners.com/cve/CVE-2018-18074>) \n** DESCRIPTION: **The Requests package for Python could allow a remote attacker to obtain sensitive information, caused by sending information in an insecure manner. By sniffing the network, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/151296](<https://exchange.xforce.ibmcloud.com/vulnerabilities/151296>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-3721](<https://vulners.com/cve/CVE-2018-3721>) \n** DESCRIPTION: **Node.js lodash module could allow a remote attacker to bypass security restrictions, caused by a flaw in the defaultsDeep, 'merge, and mergeWith functions. By modifing the prototype of Object, an attacker could exploit this vulnerability to add or modify existing property that will exist on all objects. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/144603](<https://exchange.xforce.ibmcloud.com/vulnerabilities/144603>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-18874](<https://vulners.com/cve/CVE-2019-18874>) \n** DESCRIPTION: **psutil is vulnerable to a denial of service, caused by a double free. By using specially-crafted data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171612](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171612>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-14145](<https://vulners.com/cve/CVE-2020-14145>) \n** DESCRIPTION: **OpenSSH is vulnerable to a man-in-the-middle attack, caused by an observable discrepancy flaw. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/184514](<https://exchange.xforce.ibmcloud.com/vulnerabilities/184514>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2020-24025](<https://vulners.com/cve/CVE-2020-24025>) \n** DESCRIPTION: **node-sass could allow a remote attacker to bypass security restrictions, caused by the disablement of certificate validation when requesting binaries even if the user is not specifying an alternative download path. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-24370](<https://vulners.com/cve/CVE-2020-24370>) \n** DESCRIPTION: **Lua is vulnerable to a denial of service, caused by a negation overflow and segmentation fault in getlocal and setlocal. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186868](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186868>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-28168](<https://vulners.com/cve/CVE-2020-28168>) \n** DESCRIPTION: **Node.js axios module is vulnerable to server-side request forgery, caused by improper input validation. By providing a URL that responds with a redirect to a restricted host or IP address, an attacker could exploit this vulnerability to conduct SSRF attack to bypass a proxy. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191660>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-30641](<https://vulners.com/cve/CVE-2021-30641>) \n** DESCRIPTION: **Apache HTTP Server could provide weaker than expected security, caused by unexpected URL matching behavior with 'MergeSlashes OFF. An attacker could exploit this vulnerability to match URLs from all sites in the same domain and launch further attacks on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-31535](<https://vulners.com/cve/CVE-2021-31535>) \n** DESCRIPTION: **X.Org libX11 is vulnerable to a denial of service, caused by improper input validation by the length of the string parameters. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause emission of extra X protocol requests to the X server, and results in a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202043](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202043>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33503](<https://vulners.com/cve/CVE-2021-33503>) \n** DESCRIPTION: **urllib3 is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw due to catastrophic backtracking. By sending a specially-crafted URL request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203109](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203109>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33928](<https://vulners.com/cve/CVE-2021-33928>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_installable in src/repo.h function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208702](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208702>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33929](<https://vulners.com/cve/CVE-2021-33929>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_disabled_solvable in src/repo.h. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208665](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208665>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33930](<https://vulners.com/cve/CVE-2021-33930>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the pool_installable_whatprovides in src/repo.h function. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208664](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208664>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-33938](<https://vulners.com/cve/CVE-2021-33938>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a heap-based buffer overflow in the prune_to_recommended in src/policy.c function. An attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208663](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208663>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35556](<https://vulners.com/cve/CVE-2021-35556>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211632](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211632>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35559](<https://vulners.com/cve/CVE-2021-35559>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Swing component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211635](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211635>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35561](<https://vulners.com/cve/CVE-2021-35561>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Utility component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211637](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211637>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35564](<https://vulners.com/cve/CVE-2021-35564>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Keytool component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211640](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211640>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-35565](<https://vulners.com/cve/CVE-2021-35565>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211641](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211641>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35578](<https://vulners.com/cve/CVE-2021-35578>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211654](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211654>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35586](<https://vulners.com/cve/CVE-2021-35586>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the ImageIO component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211661](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211661>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-29362](<https://vulners.com/cve/CVE-2020-29362>) \n** DESCRIPTION: **p11-glue p11-kit could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read flaw in the RPC protocol. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain up to 4 bytes of memory past the heap allocation, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-6891](<https://vulners.com/cve/CVE-2017-6891>) \n** DESCRIPTION: **GnuTLS libtasn1 is vulnerable to a stack-based buffer overflow, caused by 2 errors in the asn1_find_node function in lib/parser_aux.c. By persuading a victim to open a specially-crafted assignments file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/127214](<https://exchange.xforce.ibmcloud.com/vulnerabilities/127214>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4008](<https://vulners.com/cve/CVE-2016-4008>) \n** DESCRIPTION: **GNU Libtasn1 is vulnerable to a denial of service, caused by improper handling of the ASN1_DECODE_FLAG_STRICT_DER flag in _asn1_extract_der_octet function in lib/decoding.c. By using a malformed certificate, a remote attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/113127](<https://exchange.xforce.ibmcloud.com/vulnerabilities/113127>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-8817](<https://vulners.com/cve/CVE-2017-8817>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by an out-of-bounds read flaw in the FTP wildcard matching function (CURLOPT_WILDCARDMATCH). By using a string that ends with an '[' character, an attacker could exploit this vulnerability to redirect the victim to an arbitrary site. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135658](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135658>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8625](<https://vulners.com/cve/CVE-2016-8625>) \n** DESCRIPTION: **cURL/libcurl could provide weaker than expected security, caused by the translation of International Domain Names (IDNA) to puny code for DNS resolving using the IDNA 2003 standard. An attacker could exploit this vulnerability to issue network transfer requests to the wrong host. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118644](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118644>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8624](<https://vulners.com/cve/CVE-2016-8624>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to bypass security restrictions, caused by the failure to parse the authority component of the URL when handling '#' character. By using a specially-crafted URL with '#' character, an attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118642](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118642>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8621](<https://vulners.com/cve/CVE-2016-8621>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to obtain sensitive information, caused by an out of bounds read error within the curl_getdate function. By using specially-crafted date strings, a remote attacker could exploit this vulnerability to execute arbitrary code in the context of the process and obtain sensitive information. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-8616](<https://vulners.com/cve/CVE-2016-8616>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to bypass security restrictions, caused by the use of case insensitive comparisons. By using valid credentials exists for a protocol which supports connection-scoped credentials, an attacker could exploit this vulnerability to cause a connection to be reused. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-8615](<https://vulners.com/cve/CVE-2016-8615>) \n** DESCRIPTION: **cURL/libcurl is vulnerable to cookie injection, caused by an error related to fgets() function. By using a malicious server that sends a very long cookie name and value, a remote attacker could exploit this vulnerability to inject a malicious cookie for arbitrary domains. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118632](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118632>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-22924](<https://vulners.com/cve/CVE-2021-22924>) \n** DESCRIPTION: **An unspecified error with bad connection reused due to improper path name validation in cURL libcurl has an unknown impact and attack vector. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206047](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206047>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-0755](<https://vulners.com/cve/CVE-2016-0755>) \n** DESCRIPTION: **Libcurl could allow a remote attacker to bypass security restrictions, caused by the failure to check NTLM-authenticated proxy connections for reuse. An attacker could exploit this vulnerability to use a proxy connection for a different authenticated client username. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110290](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110290>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-13050](<https://vulners.com/cve/CVE-2019-13050>) \n** DESCRIPTION: **GNU Privacy Guard (GnuPG) is vulnerable to a denial of service, caused by a certificate spamming attack when referring to a host on the SKS keyserver network in the keyserver configuration. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166417>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-5276](<https://vulners.com/cve/CVE-2015-5276>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could provide weaker than expected security, caused by the failure to properly handle short reads from blocking sources by the std::random_device class in libstdc++. A remote attacker could exploit thsi vulnerability to predict random values. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108548](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108548>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-19645](<https://vulners.com/cve/CVE-2019-19645>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by an infinite recursion flaw in alter.c. By sending a specially-crafted request using certain types of self-referential views in conjunction with ALTER TABLE statements, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172774](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172774>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19880](<https://vulners.com/cve/CVE-2019-19880>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by an invalid pointer dereference in exprListAppendList in window.c. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173387](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173387>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19924](<https://vulners.com/cve/CVE-2019-19924>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by the mishandling of certain parser-tree rewriting in the sqlite3WindowRewrite function in expr.c, vdbeaux.c, and window.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173495](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173495>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-8457](<https://vulners.com/cve/CVE-2019-8457>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/161901](<https://exchange.xforce.ibmcloud.com/vulnerabilities/161901>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13631](<https://vulners.com/cve/CVE-2020-13631>) \n** DESCRIPTION: **SQLite could allow a remote attacker to bypass security restrictions, caused by a flaw in the alter.c and build.c. By sending a specially crafted request, an attacker could exploit this vulnerability to rename the virtual table to the name of one of its shadow tables. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182611](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182611>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2017-9233](<https://vulners.com/cve/CVE-2017-9233>) \n** DESCRIPTION: **libexpat is vulnerable to a denial of service, caused by a XML External Entity vulnerability in the parser. By using a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause an infinite loop. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129459](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129459>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-5300](<https://vulners.com/cve/CVE-2016-5300>) \n** DESCRIPTION: **Expat XML parser is vulnerable to a denial of service, caused by the failure to use sufficient entropy for hash initialization. By using specially-crafted identifiers in an XML document, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114435](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114435>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-4472](<https://vulners.com/cve/CVE-2016-4472>) \n** DESCRIPTION: **Expat XML parser is vulnerable to a denial of service, caused by the removal by compilers with certain optimization settings. By using a specially-crafted XML data, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114683](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114683>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2695](<https://vulners.com/cve/CVE-2015-2695>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service, caused by a pointer type error in the GSS-API library. By sending a specially crafted gss_inquire_context() call on a partially-established SPNEGO context, a remote attacker could exploit this vulnerability to cause the process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107874](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107874>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2696](<https://vulners.com/cve/CVE-2015-2696>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service, caused by a pointer type error in the GSS-API library. By sending a specially crafted gss_inquire_context() call on a partially-established IAKERB context, a remote attacker could exploit this vulnerability to cause the process to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107875](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107875>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19906](<https://vulners.com/cve/CVE-2019-19906>) \n** DESCRIPTION: **cyrus-sasl is vulnerable to a denial of service, caused by an off-by-one error in _sasl_add_string in common.c. By sending a malformed LDAP packet, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-1234](<https://vulners.com/cve/CVE-2016-1234>) \n** DESCRIPTION: **glibc is vulnerable to a denial of service, caused by a stack-based buffer overflow within the glob implementation when GLOB_ALTDIRFUNC is used. A remote attacker could exploit this vulnerability using an overly long name to overflow a buffer and cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111311](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111311>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2020-13956](<https://vulners.com/cve/CVE-2020-13956>) \n** DESCRIPTION: **Apache HttpClient could allow a remote attacker to bypass security restrictions, caused by the improper handling of malformed authority component in request URIs. By passing request URIs to the library as java.net.URI object, an attacker could exploit this vulnerability to pick the wrong target host for request execution. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189572](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189572>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2020-26154](<https://vulners.com/cve/CVE-2020-26154>) \n** DESCRIPTION: **libproxy is vulnerable to a buffer overflow, caused by improper bounds checking. By persuading a victim to open a specially crafted PAC file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/189418](<https://exchange.xforce.ibmcloud.com/vulnerabilities/189418>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-13645](<https://vulners.com/cve/CVE-2020-13645>) \n** DESCRIPTION: **GNOME glib-networking is vulnerable to a man-in-the-middle attack, caused by missing hostname verification in the server TLS certificate in the implementation of GTlsClientConnection. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182648](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182648>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2018-16435](<https://vulners.com/cve/CVE-2018-16435>) \n** DESCRIPTION: **Little CMS is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the AllocateDataSet function in cmscgats.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 5.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149326](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149326>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2008-3105](<https://vulners.com/cve/CVE-2008-3105>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) is vulnerable to a denial of service, caused by an error in XML data processing. An attacker could exploit this vulnerability using the JAX-WS client or a service in a trusted application to cause a denial of service. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43657](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43657>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2021-22931](<https://vulners.com/cve/CVE-2021-22931>) \n** DESCRIPTION: **Node.js could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit this vulnerability to cause output of wrong hostnames leading to Domain Hijacking and and injection vulnerabilities in applications using the library. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207230](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207230>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-3672](<https://vulners.com/cve/CVE-2021-3672>) \n** DESCRIPTION: **The c-ares library could provide weaker than expected security, caused by missing input validation on hostnames returned by DNS servers. An attacker could exploit this vulnerability to cause the output of wrong hostnames leading to Domain Hijacking and and injection vulnerabilities in applications using the library. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207212](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207212>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-3153](<https://vulners.com/cve/CVE-2015-3153>) \n** DESCRIPTION: **cURL/libcURL could allow a remote attacker to obtain sensitive information, caused by custom HTTP headers with sensitive content being sent to the server and intermediate proxy by the CURLOPT_HTTPHEADER option. An attacker could exploit this vulnerability to obtain authentication cookies or other sensitive information. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/102989](<https://exchange.xforce.ibmcloud.com/vulnerabilities/102989>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2016-8617](<https://vulners.com/cve/CVE-2016-8617>) \n** DESCRIPTION: **cURL/libcurl could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an out of bounds write in the base64 encode function. By using a specially crafted username, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118636](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118636>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3859](<https://vulners.com/cve/CVE-2019-3859>) \n** DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read in the _libssh2_packet_require and _libssh2_packet_requirev functions. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158343](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158343>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-3860](<https://vulners.com/cve/CVE-2019-3860>) \n** DESCRIPTION: **libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing packets with empty payloads. By sending a specially crafted SFTP packet, a remote attacker could exploit this vulnerability to cause a denial of service or read data in the client memory. \nCVSS Base score: 5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-13558](<https://vulners.com/cve/CVE-2020-13558>) \n** DESCRIPTION: **WebKitGTK and WPE WebKit could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the AudioSourceProviderGStreamer class. By persuading a victim to open specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196795>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1788](<https://vulners.com/cve/CVE-2021-1788>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195895](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195895>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1789](<https://vulners.com/cve/CVE-2021-1789>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195893](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195893>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1844](<https://vulners.com/cve/CVE-2021-1844>) \n** DESCRIPTION: **Apple Safari, macOS Big Sur, iOS, iPadOS and watchOS could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption flaw in the WebKit component. By persuading a victim to open a specially-crafted web content, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197853](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197853>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1870](<https://vulners.com/cve/CVE-2021-1870>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195638](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195638>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1871](<https://vulners.com/cve/CVE-2021-1871>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195639](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195639>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21779](<https://vulners.com/cve/CVE-2021-21779>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the WebKit componenet. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202343](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202343>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-21806](<https://vulners.com/cve/CVE-2021-21806>) \n** DESCRIPTION: **WebKit WebKitGTK could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in fireEventListeners. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205101](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205101>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30663](<https://vulners.com/cve/CVE-2021-30663>) \n** DESCRIPTION: **Apple iOS, iPadOS and macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201120](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201120>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30665](<https://vulners.com/cve/CVE-2021-30665>) \n** DESCRIPTION: **Apple iOS, iPadOS, watchOS and macOS Big Sur could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201119](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201119>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30734](<https://vulners.com/cve/CVE-2021-30734>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202348](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202348>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30749](<https://vulners.com/cve/CVE-2021-30749>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by multiple memory corruption issues in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202347](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202347>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30758](<https://vulners.com/cve/CVE-2021-30758>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a type confusion in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206132](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206132>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30795](<https://vulners.com/cve/CVE-2021-30795>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by an error in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206134](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206134>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30797](<https://vulners.com/cve/CVE-2021-30797>) \n** DESCRIPTION: **Apple Safari could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206133](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206133>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-30799](<https://vulners.com/cve/CVE-2021-30799>) \n** DESCRIPTION: **Apple macOS Catalina could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206131](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206131>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-13565](<https://vulners.com/cve/CVE-2019-13565>) \n** DESCRIPTION: **OpenLDAP could allow a remote authenticated attacker to gain elevated privileges on the system, caused by an error when using SASL authentication and session encryption. An attacker could exploit this vulnerability to gain privileges on the system. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/165451](<https://exchange.xforce.ibmcloud.com/vulnerabilities/165451>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-18276](<https://vulners.com/cve/CVE-2019-18276>) \n** DESCRIPTION: **GNU Bash could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the disable_priv_mode in shell.c. By sending a specially-crafted command, an attacker could exploit this vulnerability to escalate privileges. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172331](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172331>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-9924](<https://vulners.com/cve/CVE-2019-9924>) \n** DESCRIPTION: **Bash could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by the failure to prevent the shell user from modifying BASH_CMDS in the rbash. By modifying BASH_CMDS, an attacker could exploit this vulnerability to execute arbitrary commands on the system with the permissions of the shell. \nCVSS Base score: 8.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158906](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158906>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3520](<https://vulners.com/cve/CVE-2021-3520>) \n** DESCRIPTION: **lz4 could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow. By sending a specially crafted file, an attacker could invoke memmove() on a negative size argument leading to memory corruption and trigger an out-of-bounds write or cause the library to crash. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202592](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202592>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3518](<https://vulners.com/cve/CVE-2021-3518>) \n** DESCRIPTION: **GNOME libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the xmlXIncludeDoProcess() function in xinclude.c. By sending a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203144](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203144>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3517](<https://vulners.com/cve/CVE-2021-3517>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by xmlEncodeEntitiesInternal() in entities.c. By sending a specially crafted file, a remote attacker could trigger an out-of-bounds read and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 8.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H) \n \n** CVEID: **[CVE-2021-3796](<https://vulners.com/cve/CVE-2021-3796>) \n** DESCRIPTION: **Vim is vulnerable to a denial of service, caused by a use-after-free in nv_replace. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 8.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209462](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209462>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L) \n \n** CVEID: **[CVE-2019-13115](<https://vulners.com/cve/CVE-2019-13115>) \n** DESCRIPTION: **libssh2 could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write in the kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 8.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/163766](<https://exchange.xforce.ibmcloud.com/vulnerabilities/163766>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-12762](<https://vulners.com/cve/CVE-2020-12762>) \n** DESCRIPTION: **json-c could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow and out-of-bounds write. By persuading a victim to run a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182094](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182094>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-27828](<https://vulners.com/cve/CVE-2020-27828>) \n** DESCRIPTION: **Jasper is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the cp_create() in jpc_enc.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193630](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193630>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-27918](<https://vulners.com/cve/CVE-2020-27918>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error in the WebKit component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the device. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191303](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191303>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-35492](<https://vulners.com/cve/CVE-2020-35492>) \n** DESCRIPTION: **cairo is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by image-compositor.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198420](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198420>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3778](<https://vulners.com/cve/CVE-2021-3778>) \n** DESCRIPTION: **Vim is vulnerable to a heap-based buffer overflow, caused by improper bounds checking. By sending a specially-crafted input, a local attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209481](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209481>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-10140](<https://vulners.com/cve/CVE-2017-10140>) \n** DESCRIPTION: **Postfix could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in in undocumented function in Berkeley DB. By reading settings from DB_CONFIG in the current directory, an authenticated attacker could exploit this vulnerability to gain elevated privileges. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/142457](<https://exchange.xforce.ibmcloud.com/vulnerabilities/142457>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3516](<https://vulners.com/cve/CVE-2021-3516>) \n** DESCRIPTION: **libxml2 could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free in xmlEncodeEntitiesInternal() in entities.c. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202838](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202838>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2020-24977](<https://vulners.com/cve/CVE-2020-24977>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a buffer overflow, caused by improper bounds checking by the xmlEncodeEntitiesInternal function in libxml2/entities.c. By persuading a victim to open a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187847](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187847>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-38185](<https://vulners.com/cve/CVE-2021-38185>) \n** DESCRIPTION: **GNU cpio could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow that triggers an out-of-bounds heap write in the ds_fgetstr function in dstring.c. By persuading a victim to open a specially-crafted crafted pattern file, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207047](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207047>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-22922](<https://vulners.com/cve/CVE-2021-22922>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to bypass security restrictions, caused by not removing incorrect content by the metalink feature. By persuading a victim to download specially-crafted content, an attacker could exploit this vulnerability to access malicious content to keep in the file on disk for further attack. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206045](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206045>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-35942](<https://vulners.com/cve/CVE-2021-35942>) \n** DESCRIPTION: **GNU C Library (aka glibc) could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted, crafted pattern in thewordexp function. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain read arbitrary memory in parse_param (in posix/wordexp.c), or cause the application to crash. \nCVSS Base score: 7.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-21775](<https://vulners.com/cve/CVE-2021-21775>) \n** DESCRIPTION: **WebKit WebKitGTK could allow a remote attacker to obtain sensitive information, caused by a use-after-free flaw when certain events are processed for ImageLoader objects. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information and cause further memory corruptions. \nCVSS Base score: 7.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/205100](<https://exchange.xforce.ibmcloud.com/vulnerabilities/205100>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L) \n \n** CVEID: **[CVE-2014-0452](<https://vulners.com/cve/CVE-2014-0452>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE related to the JAX-WS component has partial confidentiality impact, partial integrity impact, and partial availability impact. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/92474](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92474>) for the current score. \nCVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2018-12700](<https://vulners.com/cve/CVE-2018-12700>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a stack exhaustion in debug_write_type in debug.c. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/145316](<https://exchange.xforce.ibmcloud.com/vulnerabilities/145316>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-13117](<https://vulners.com/cve/CVE-2019-13117>) \n** DESCRIPTION: **libxslt could allow a remote attacker to obtain sensitive information, caused by an error in numbers.c that leads to an uninitialized read in xsltNumberFormatInsertNumbers. An attacker could exploit this vulnerability to discern whether a byte on the stack contains the characters A, a, I, I, or 0, or any other character. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166134](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166134>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2019-20838](<https://vulners.com/cve/CVE-2019-20838>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by a buffer over-read in JIT. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-13435](<https://vulners.com/cve/CVE-2020-13435>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by flaw in the sqlite3ExprCodeTarget function in expr.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a segmentation fault. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182406](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182406>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-16135](<https://vulners.com/cve/CVE-2020-16135>) \n** DESCRIPTION: **Libssh is vulnerable to a denial of service, caused by a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/186148](<https://exchange.xforce.ibmcloud.com/vulnerabilities/186148>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36241](<https://vulners.com/cve/CVE-2020-36241>) \n** DESCRIPTION: **GNOME gnome-autoar could allow a remote attacker to traverse directories on the system, caused by the lack of checks of file in autoar-extractor.c. An attacker could send a specially-crafted file to overwrite arbitrary files on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196330](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196330>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-36332](<https://vulners.com/cve/CVE-2020-36332>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by allocating an excessive amount of memory. By reading a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202249](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202249>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-20270](<https://vulners.com/cve/CVE-2021-20270>) \n** DESCRIPTION: **Pygments is vulnerable to a denial of service, caused by an infinite loop in SMLLexer. By performing syntax highlighting of an SML source file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198758](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198758>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22876](<https://vulners.com/cve/CVE-2021-22876>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by the failure to strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to obtain user credentials, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199186](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199186>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-22898](<https://vulners.com/cve/CVE-2021-22898>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the option parser for sending NEW_ENV variables. By sending a specially-crafted request using a clear-text network protocol, an attacker could exploit this vulnerability to obtain sensitive internal information to the server, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202562](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202562>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-22946](<https://vulners.com/cve/CVE-2021-22946>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a required TLS bypassed issue. By sniffing the network, an attacker could exploit this vulnerability to obtain sensitive data in clear text over the network, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209452](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209452>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-23840](<https://vulners.com/cve/CVE-2021-23840>) \n** DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by an integer overflow in CipherUpdate. By sending an overly long argument, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196848](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196848>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29059](<https://vulners.com/cve/CVE-2021-29059>) \n** DESCRIPTION: **Node.js IS-SVG module is vulnerable to a denial of service, caused by an error when the application is provided and checks a specially crafted invalid HWB string. By sending a specially crafted string, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204157](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204157>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33574](<https://vulners.com/cve/CVE-2021-33574>) \n** DESCRIPTION: **GNU C Library (aka glibc) is vulnerable to a denial of service, caused by a use-after-free flaw in the mq_notify function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202550>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37136](<https://vulners.com/cve/CVE-2021-37136>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not allow size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211777](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211777>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37137](<https://vulners.com/cve/CVE-2021-37137>) \n** DESCRIPTION: **Netty netty-codec is vulnerable to a denial of service, caused by not restrict the chunk length in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause excessive memory usage, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211779](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211779>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3765](<https://vulners.com/cve/CVE-2021-3765>) \n** DESCRIPTION: **validator.js is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw when calling the rtrim function. By sending a specially-crafted regex input, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212669>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11113](<https://vulners.com/cve/CVE-2017-11113>) \n** DESCRIPTION: **ncurses is vulnerable to a denial of service, caused by a NULL pointer dereference in the _nc_parse_entry function of tinfo/parse_entry.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129022>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11112](<https://vulners.com/cve/CVE-2017-11112>) \n** DESCRIPTION: **ncurses is vulnerable to a denial of service, caused by an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c issue. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129021](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129021>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-29361](<https://vulners.com/cve/CVE-2020-29361>) \n** DESCRIPTION: **p11-glue p11-kit are vulnerable to a denial of service, caused by multiple integer overflows when allocating memory for arrays of attributes and object identifiers. By sending a specially-crafted request using realloc or calloc function, an attacker could exploit this vulnerability to cause a denial of service or possibly execute arbitrary code on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/193532](<https://exchange.xforce.ibmcloud.com/vulnerabilities/193532>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-6003](<https://vulners.com/cve/CVE-2018-6003>) \n** DESCRIPTION: **GNU Libtasn1 is vulnerable to a denial of service, caused by a stack exhaustion in the _asn1_decode_simple_ber function in decoding.c. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138175](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138175>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-10790](<https://vulners.com/cve/CVE-2017-10790>) \n** DESCRIPTION: **GNU Libtasn1 is vulnerable to a denial of service, caused by a NULL pointer dereference in the _asn1_check_identifier function. By reading specially crafted input, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129312](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129312>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11164](<https://vulners.com/cve/CVE-2017-11164>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in the OP_KETRMAX feature in the match function in pcre_exec.c. By using a specially-crafted regular expression, a remote attacker could exploit this vulnerability to cause stack exhaustion. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-1000254](<https://vulners.com/cve/CVE-2017-1000254>) \n** DESCRIPTION: **libcurl is vulnerable to a denial of service, caused by a buffer overread in the string parser. By sending a specially-crafted response to a PWD command, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/133027](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133027>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-8285](<https://vulners.com/cve/CVE-2020-8285>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a denial of service, caused by a stack-based buffer overflow in the wildcard matching function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192855](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192855>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-27212](<https://vulners.com/cve/CVE-2021-27212>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in slapd within the issuerAndThisUpdateCheck function. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause a daemon exit. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196992](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196992>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36221](<https://vulners.com/cve/CVE-2020-36221>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an integer underflow in the Certificate Exact Assertion processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195550>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36222](<https://vulners.com/cve/CVE-2020-36222>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in the saslAuthzTo validation. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195551](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195551>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36223](<https://vulners.com/cve/CVE-2020-36223>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a double free and out-of-bounds read in the Values Return Filter control handling. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195552](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195552>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36224](<https://vulners.com/cve/CVE-2020-36224>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an invalid pointer free in the saslAuthzTo processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195553](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195553>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36225](<https://vulners.com/cve/CVE-2020-36225>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a double free in the saslAuthzTo processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195554](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195554>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36226](<https://vulners.com/cve/CVE-2020-36226>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a memch->bv_len miscalculation flaw in the saslAuthzTo processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195555](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195555>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36227](<https://vulners.com/cve/CVE-2020-36227>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an infinite loop in the cancel_extop Cancel operation. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195556](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195556>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36228](<https://vulners.com/cve/CVE-2020-36228>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an integer underflow in the Certificate List Exact Assertion processing. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195557](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195557>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36229](<https://vulners.com/cve/CVE-2020-36229>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by a flaw in the X.509 DN parsing in ad_keystring. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195558](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195558>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-36230](<https://vulners.com/cve/CVE-2020-36230>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in the X.509 DN parsing in decode.c ber_next_element. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause slapd to crash, and results in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195559](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195559>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25710](<https://vulners.com/cve/CVE-2020-25710>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in csnNormalize23 function in servers/slapd/schema_init.c. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192487](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192487>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25709](<https://vulners.com/cve/CVE-2020-25709>) \n** DESCRIPTION: **OpenLDAP is vulnerable to a denial of service, caused by an assertion failure in certificateListValidate function in servers/slapd/schema_init.c. By sending a specially crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/192486](<https://exchange.xforce.ibmcloud.com/vulnerabilities/192486>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-20387](<https://vulners.com/cve/CVE-2019-20387>) \n** DESCRIPTION: **libsolv is vulnerable to a denial of service, caused by a heap-based buffer over-read in the repodata_schema2id function in repodata.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175508](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175508>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-9574](<https://vulners.com/cve/CVE-2016-9574>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox is vulnerable to a denial of service, caused by an error during the session handshake. A remote attacker could exploit this vulnerability using using SessionTicket extension and ECDHE-ECDSA to cause a denail of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148073](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148073>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3537](<https://vulners.com/cve/CVE-2021-3537>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference flaw when parsing XML mixed content in recovery mode and post-validated. A remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203084](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203084>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-16932](<https://vulners.com/cve/CVE-2017-16932>) \n** DESCRIPTION: **Xmlsoft libxml2 is vulnerable to a denial of service, caused by an infinite recursion issue in parameter entities. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to exhaust available memory on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135489](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135489>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7595](<https://vulners.com/cve/CVE-2020-7595>) \n** DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by an error in xmlStringLenDecodeEntities in parser.c. An attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175333](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175333>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36222](<https://vulners.com/cve/CVE-2021-36222>) \n** DESCRIPTION: **MIT Kerberos (aka krb5) is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center (KDC). By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause the daemon to crash. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206318](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206318>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-11462](<https://vulners.com/cve/CVE-2017-11462>) \n** DESCRIPTION: **A double free vulnerability in MIT Kerberos 5 (aka krb5) has an unknown impact and attack vector involving automatic deletion of security contexts on error. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132060](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132060>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-28196](<https://vulners.com/cve/CVE-2020-28196>) \n** DESCRIPTION: **MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by an unbounded recursion flaw in lib/krb5/asn.1/asn1_encode.c. By sending a specially-crafted ASN.1-encoded Kerberos message, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191321](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191321>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-15671](<https://vulners.com/cve/CVE-2017-15671>) \n** DESCRIPTION: **GNU C Library is vulnerable to a denial of service, caused by a memory leak in the glob function in glob.c. A remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/133909](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133909>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-25219](<https://vulners.com/cve/CVE-2020-25219>) \n** DESCRIPTION: **libproxy is vulnerable to a denial of service, caused by an uncontrolled recursion in url::recvline in url.cpp. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause stack exhaustion. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/188145](<https://exchange.xforce.ibmcloud.com/vulnerabilities/188145>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2018-9234](<https://vulners.com/cve/CVE-2018-9234>) \n** DESCRIPTION: **GnuPG could allow a remote attacker to bypass security restrictions, caused by the failure to enforce a configuration in which key certification requires an offline master Certify key. By sending a specially-crafted request, an attacker could exploit this vulnerability to sign the keys of others with only a signing subkey. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/141380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/141380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-20231](<https://vulners.com/cve/CVE-2021-20231>) \n** DESCRIPTION: **GnuTLS is vulnerable to a denial of service, caused by a use-after-free issue in client sending key_share extension. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause memory corruption and other consequences. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198173](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198173>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-20232](<https://vulners.com/cve/CVE-2021-20232>) \n** DESCRIPTION: **GnuTLS is vulnerable to a denial of service, caused by a use-after-free issue in client_send_params in lib/ext/pre_shared_key.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause memory corruption and other consequences. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198172](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198172>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H) \n \n** CVEID: **[CVE-2021-22947](<https://vulners.com/cve/CVE-2021-22947>) \n** DESCRIPTION: **cURL libcurl is vulnerable to a man-in-the-middle attack, caused by a flaw when connecting to an IMAP, POP3, SMTP or FTP server to exchange data securely using STARTTLS to upgrade the connection to TLS level. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209453](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209453>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2020-1752](<https://vulners.com/cve/CVE-2020-1752>) \n** DESCRIPTION: **GNU glibc could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free. By creating a specially crafted path, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service. \nCVSS Base score: 7.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181313](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181313>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-19603](<https://vulners.com/cve/CVE-2019-19603>) \n** DESCRIPTION: **An error during handling of CREATE TABLE and CREATE VIEW statements in SQLite has an unknown impact via a specially crafted table name. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172765](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172765>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-14155](<https://vulners.com/cve/CVE-2020-14155>) \n** DESCRIPTION: **PCRE could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in libpcre. By sending a request with a large number, an attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/183499](<https://exchange.xforce.ibmcloud.com/vulnerabilities/183499>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-24870](<https://vulners.com/cve/CVE-2020-24870>) \n** DESCRIPTION: **LibRaw is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by ::identify_process_dng_fields. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203026](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203026>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-10685](<https://vulners.com/cve/CVE-2017-10685>) \n** DESCRIPTION: **ncurses (new curses) library could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a format string in the fmt_entry function. By sending specially-crafted format string specifiers in the argument, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128176](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128176>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-10684](<https://vulners.com/cve/CVE-2017-10684>) \n** DESCRIPTION: **ncurses (new curses) library is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the fmt_entry function. By sending an overly long string argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128175](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128175>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-6262](<https://vulners.com/cve/CVE-2016-6262>) \n** DESCRIPTION: **libidn is vulnerable to a stack-based buffer overflow, caused by improper validation of input in idna.c. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/115586](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115586>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-6261](<https://vulners.com/cve/CVE-2016-6261>) \n** DESCRIPTION: **libidn is vulnerable to a stack-based buffer overflow, caused by an out-of-bounds read error in idna_to_ascii_4i function in idna.c. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/115585](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115585>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-8948](<https://vulners.com/cve/CVE-2015-8948>) \n** DESCRIPTION: **libidn is vulnerable to a stack-based buffer overflow, caused by an out-of-bounds read error. A remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/115588](<https://exchange.xforce.ibmcloud.com/vulnerabilities/115588>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-9586](<https://vulners.com/cve/CVE-2016-9586>) \n** DESCRIPTION: **cURL/libcurl is vulnerable to a buffer overflow, caused by improper boundary checks by the floating point conversion. By sending a specially crafted string, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/119929](<https://exchange.xforce.ibmcloud.com/vulnerabilities/119929>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-8619](<https://vulners.com/cve/CVE-2016-8619>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to execute arbitrary code on the system, caused by double-free error in the krb5 code. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118637](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118637>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-8618](<https://vulners.com/cve/CVE-2016-8618>) \n** DESCRIPTION: **cURL/libcurl could allow a remote attacker to execute arbitrary code on the system, caused by double-free error in the curl_maprintf() function on systems using 32 bit size_t variables. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-1951](<https://vulners.com/cve/CVE-2016-1951>) \n** DESCRIPTION: **Mozilla Netscape Portable Runtime (NSPR) is vulnerable to a buffer overflow, caused by multiple integer overflows in io/prprf.c. By sending an overly long string to a PR_*printf function, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116020](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116020>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-7501](<https://vulners.com/cve/CVE-2017-7501>) \n** DESCRIPTION: **rpm could allow a local attacker to launch a symlink attack, caused by the use of a temporary files with predictable names when installing an RPM. A local authenticated attacker could exploit this vulnerability by creating a symbolic link from a temporary file to arbitrary location, which could allow the attacker to modify content, gain elevated privileges on the system or cause a denial of service. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132734](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132734>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-7500](<https://vulners.com/cve/CVE-2017-7500>) \n** DESCRIPTION: **rpm could allow a local attacker to launch a symlink attack, caused by the improper handling of RPM installations when a destination path was a symbolic link to a directory. A local authenticated attacker could exploit this vulnerability by creating a symbolic link from a temporary file to directories, which could allow the attacker to gain root privileges on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/132733](<https://exchange.xforce.ibmcloud.com/vulnerabilities/132733>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-16931](<https://vulners.com/cve/CVE-2017-16931>) \n** DESCRIPTION: **Xmlsoft libxml2 is vulnerable to a buffer overflow, caused by improper handling of parameter-entity references in xmlParserHandlePEReference function. By using a percent character in a DTD name, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135488](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135488>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4492](<https://vulners.com/cve/CVE-2016-4492>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a write access violation on destination operand in the libiberty demangler. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116386](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116386>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4491](<https://vulners.com/cve/CVE-2016-4491>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) is vulnerable to a stack-based buffer overflow, caused by an infinite recursion in d_print_comp in the libiberty demangler library. By sending a specially crafted argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116385](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116385>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4490](<https://vulners.com/cve/CVE-2016-4490>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a write access violation in cp-demangle.c. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116384](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116384>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4489](<https://vulners.com/cve/CVE-2016-4489>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the demangling of virtual tables in method gnu_special. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116383](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116383>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4488](<https://vulners.com/cve/CVE-2016-4488>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free to array ktypevec if the libiberty demangler is called with a certain class signature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116382](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116382>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4487](<https://vulners.com/cve/CVE-2016-4487>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free if the libiberty demangler is called with a certain class signature. An attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116381](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116381>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-2226](<https://vulners.com/cve/CVE-2016-2226>) \n** DESCRIPTION: **GNU Compiler Collection (GCC) is vulnerable to a buffer overflow, caused by an integer overflow in cplus-dem.c when it tries to demangle specially crafted function arguments in the libiberty binary. By sending a specially crafted argument, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/116380](<https://exchange.xforce.ibmcloud.com/vulnerabilities/116380>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-20218](<https://vulners.com/cve/CVE-2019-20218>) \n** DESCRIPTION: **An unspecified error in selectExpander in select.c in SQLite has an unknown impact and attack vector. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173900](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173900>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-10989](<https://vulners.com/cve/CVE-2017-10989>) \n** DESCRIPTION: **SQLite is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by getNodeSize function in ext/rtree/rtree.c. By using a specially-crafted database, a remote attacker could overflow a buffer and cause unspecified impacts on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128354](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128354>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2019-9169](<https://vulners.com/cve/CVE-2019-9169>) \n** DESCRIPTION: **GNU glibc is vulnerable to a heap-based buffer overflow, caused by a buffer over-read flaw in the proceed_next_node function in posix/regexec.c. By sending a specially-crafted argument using a case-insensitive regular-expression match, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-4429](<https://vulners.com/cve/CVE-2016-4429>) \n** DESCRIPTION: **GNU C Library (glibc or libc6) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the clntudp_call function within sunrpc/clnt_udp.c. By sending specially-crafted ICMP and UDP packets, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114024](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114024>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-8983](<https://vulners.com/cve/CVE-2015-8983>) \n** DESCRIPTION: **glibc is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the _IO_wstr_overflow function in libio/wstrops.c. A remote attacker could exploit the vulnerability to cause the application to crash or execute arbitrary code in the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126596](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126596>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-8982](<https://vulners.com/cve/CVE-2015-8982>) \n** DESCRIPTION: **glibc is vulnerable to a stack-based buffer overflow, caused by an integer overflow, caused by an integer overflow in the strxfrm function function. By sending a specially crafted string, a remote attacker could exploit the vulnerability to cause the application to crash or execute arbitrary code in the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/126597](<https://exchange.xforce.ibmcloud.com/vulnerabilities/126597>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-28957](<https://vulners.com/cve/CVE-2021-28957>) \n** DESCRIPTION: **lxml is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the defs.py script. A remote attacker could exploit this vulnerability using the HTML action attribute to inject malicious script into a Web page which would be executed in a victim\u2019s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim\u2019s cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198515](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198515>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41182](<https://vulners.com/cve/CVE-2021-41182>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212274](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212274>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41183](<https://vulners.com/cve/CVE-2021-41183>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212276](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212276>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-41184](<https://vulners.com/cve/CVE-2021-41184>) \n** DESCRIPTION: **jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 7.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212277](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212277>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-7774](<https://vulners.com/cve/CVE-2020-7774>) \n** DESCRIPTION: **Node.js y18n module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191999](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191999>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-23440](<https://vulners.com/cve/CVE-2021-23440>) \n** DESCRIPTION: **Nodejs set-value module could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 7.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209431](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209431>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2021-22940](<https://vulners.com/cve/CVE-2021-22940>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by an incomplete fix for CVE-2021-22930 related to a use-after-free on close http2 on stream canceling. An attacker could exploit this vulnerability to corrupt memory to change process behavior. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207520](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207520>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2016-10540](<https://vulners.com/cve/CVE-2016-10540>) \n** DESCRIPTION: **Node.js minimatch module is vulnerable to a denial of service, caused by a flaw in the minimatch function. By using a specially-crafted value, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149140](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149140>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2020-7768](<https://vulners.com/cve/CVE-2020-7768>) \n** DESCRIPTION: **Node.js grpc module is vulnerable to a denial of service, caused by a prototype pollution flaw by the loadPackageDefinition function. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/191645](<https://exchange.xforce.ibmcloud.com/vulnerabilities/191645>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-22930](<https://vulners.com/cve/CVE-2021-22930>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions, caused by a use-after-free on close http2 on stream canceling. An attacker could exploit this vulnerability to corrupt memory to change process behavior. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206473](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206473>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-28092](<https://vulners.com/cve/CVE-2021-28092>) \n** DESCRIPTION: **Node.js is-svg module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially-crafted regex string, a remote attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198145](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198145>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-29425](<https://vulners.com/cve/CVE-2021-29425>) \n** DESCRIPTION: **Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199852](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199852>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-32838](<https://vulners.com/cve/CVE-2021-32838>) \n** DESCRIPTION: **lask-RESTX is vulnerable to a denial of service, caused by a regular expression flaw in email_regex. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause a regular expression denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209812](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209812>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-37714](<https://vulners.com/cve/CVE-2021-37714>) \n** DESCRIPTION: **jsoup is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the HTML and XML parser to get stuck, timeout, or throw unchecked exceptions resulting in a denial of service condition. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207858](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207858>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3795](<https://vulners.com/cve/CVE-2021-3795>) \n** DESCRIPTION: **semver-regex is vulnerable to a denial of service, caused by the inefficient regular expression complexity. A remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209463](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209463>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2008-3103](<https://vulners.com/cve/CVE-2008-3103>) \n** DESCRIPTION: **The Java Management Extensions (JMX) management agent included in the Sun Java Runtime Environment (JRE) could allow a remote attacker to bypass security restrictions, caused by an unspecified error. If local monitoring is enabled, a JMX client could exploit this vulnerability and perform unauthorized actions on a system running JMX. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43669](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43669>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2008-3109](<https://vulners.com/cve/CVE-2008-3109>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to gain unauthorized access to the system, caused by an error related to scripting language support. By persuading a victim to download an untrusted applet or application, a remote attacker could read and write local files or execute local applications that are accessible to the victim. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43660](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43660>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2008-5347](<https://vulners.com/cve/CVE-2008-5347>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow untrusted applets and applications to gain elevated privileges on the system, caused by multiple unspecified vulnerabilities regarding the JAX-WS and JAXB packages. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47068](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47068>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2021-35567](<https://vulners.com/cve/CVE-2021-35567>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the Libraries component could allow an authenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211643](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211643>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2015-4041](<https://vulners.com/cve/CVE-2015-4041>) \n** DESCRIPTION: **coreutils is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the src/sort.c. By persuading a victim to run a specially-crafted file, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 6.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/103307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/103307>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2021-42378](<https://vulners.com/cve/CVE-2021-42378>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern in the getvar_i function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213531](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213531>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42379](<https://vulners.com/cve/CVE-2021-42379>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the next_input_file function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213532](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213532>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42380](<https://vulners.com/cve/CVE-2021-42380>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the clrvar function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213533](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213533>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42381](<https://vulners.com/cve/CVE-2021-42381>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the hash_init function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213534](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213534>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42382](<https://vulners.com/cve/CVE-2021-42382>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the getvar_s function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213535](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213535>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42383](<https://vulners.com/cve/CVE-2021-42383>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the evaluate function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213536](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213536>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42384](<https://vulners.com/cve/CVE-2021-42384>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the handle_special function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213537](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213537>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42385](<https://vulners.com/cve/CVE-2021-42385>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the evaluate function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213538](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213538>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42386](<https://vulners.com/cve/CVE-2021-42386>) \n** DESCRIPTION: **BusyBox could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a use-after-free in awk applet when processing a specially crafted awk pattern iin the nvalloc function. An attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213539](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213539>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-1799](<https://vulners.com/cve/CVE-2021-1799>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to bypass security restrictions, caused by a port redirection issue in the WebRTC component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to gain access to restricted ports on arbitrary servers. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195887](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195887>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-1801](<https://vulners.com/cve/CVE-2021-1801>) \n** DESCRIPTION: **Apple macOS could allow a remote attacker to bypass security restrictions, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to violate iframe sandboxing policy. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195886](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195886>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-22925](<https://vulners.com/cve/CVE-2021-22925>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by a flaw in the option parser for sending NEW_ENV variables. By sniffing the network traffic, an attacker could exploit this vulnerability to obtain TELNET stack contents, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206051](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206051>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2017-7781](<https://vulners.com/cve/CVE-2017-7781>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to bypass security restrictions, caused by an elliptic curve point addition error when using mixed Jacobian-affine coordinates. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability using man-in-the-middle techniques to compute an incorrect shared secret. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130176](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130176>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2018-18508](<https://vulners.com/cve/CVE-2018-18508>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox, is vulnerable to a denial of service, caused by a NULL pointer dereference in several CMS functions. By sending specially crafted data, a remote attacker could exploit this vulnerability to cause the server to crash. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160205](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160205>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2016-9074](<https://vulners.com/cve/CVE-2016-9074>) \n** DESCRIPTION: **Mozilla Network Security Services (NSS), as used in Mozilla Firefox, could provide weaker than expected security, caused by an insufficient mitigation of timing side-channel attacks. An attacker could exploit this vulnerability to gain launch further attacks on the system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118942](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118942>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2020-12399](<https://vulners.com/cve/CVE-2020-12399>) \n** DESCRIPTION: **Mozilla Firefox could allow a remote attacker to obtain sensitive information, caused by a timing timing attack when performing DSA signatures. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to leak private keys and obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/182800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/182800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2015-8382](<https://vulners.com/cve/CVE-2015-8382>) \n** DESCRIPTION: **PCRE could allow a remote attacker to obtain sensitive information, caused by the mishandling of the pattern and related patterns involving (*ACCEPT) by the match function. An attacker could exploit this vulnerability using a specially crafted regular expression to obtain sensitive information or cause a denial of service. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108465](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108465>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) \n \n** CVEID: **[CVE-2021-37750](<https://vulners.com/cve/CVE-2021-37750>) \n** DESCRIPTION: **MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in kdc/do_tgs_req.c in the Key Distribution Center (KDC). By sending a specially-crafted FAST TGS request with no server field, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208020](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208020>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-42374](<https://vulners.com/cve/CVE-2021-42374>) \n** DESCRIPTION: **BusyBox is vulnerable to a denial of service, caused by an out-of-bounds heap read in lzma/unlzma applet when specially crafted LZMA-compressed input is decompressed. A remote attacker could exploit this vulnerability to cause a denial of service or obtain sensitive information. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213527](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213527>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H) \n \n** CVEID: **[CVE-2021-22923](<https://vulners.com/cve/CVE-2021-22923>) \n** DESCRIPTION: **cURL libcurl could allow a remote attacker to obtain sensitive information, caused by improper protection to user credentials by the metalink feature. By persuading a victim to connect a specially-crafted server, an attacker could exploit this vulnerability to obtain user credentials, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206046](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206046>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-3445](<https://vulners.com/cve/CVE-2021-3445>) \n** DESCRIPTION: **libdnf could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in signature verification functionality. By placing a signature in the main header, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203146](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203146>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-5827](<https://vulners.com/cve/CVE-2019-5827>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds access in SQLite. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/160450](<https://exchange.xforce.ibmcloud.com/vulnerabilities/160450>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-7000](<https://vulners.com/cve/CVE-2017-7000>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by a pointer disclosure in SQLite. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/129419](<https://exchange.xforce.ibmcloud.com/vulnerabilities/129419>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-7036](<https://vulners.com/cve/CVE-2015-7036>) \n** DESCRIPTION: **SQLite could allow a remote attacker to execute arbitrary code on the system, caused by a pointer error in the fts3_tokenizer function. By persuading a victim to visit a specially-crafted Web site, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 6.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108154](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108154>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2020-28498](<https://vulners.com/cve/CVE-2020-28498>) \n** DESCRIPTION: **Node.js Elliptic module could allow a local attacker to obtain sensitive information, caused by a flaw in the secp256k1 implementation in elliptic/ec/key.js. By sending a specially-crafted request using a number of ECDH operations, an attacker could exploit this vulnerability to obtain the private key information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/196053](<https://exchange.xforce.ibmcloud.com/vulnerabilities/196053>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-36085](<https://vulners.com/cve/CVE-2021-36085>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in __cil_verify_classperms. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204794](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204794>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36086](<https://vulners.com/cve/CVE-2021-36086>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a use-after-free in cil_reset_classpermission . By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204795](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204795>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-36087](<https://vulners.com/cve/CVE-2021-36087>) \n** DESCRIPTION: **SELinux Project SELinux is vulnerable to a denial of service, caused by a heap-based buffer over-read in ebitmap_match_any. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/204796](<https://exchange.xforce.ibmcloud.com/vulnerabilities/204796>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2017-6004](<https://vulners.com/cve/CVE-2017-6004>) \n** DESCRIPTION: **Perl Compatible Regular Expressions (PCRE) is vulnerable to a denial of service, caused by a flaw in compile_bracket_matchingpath function in pcre_jit_compile.c. By supplying a specially-crafted regular expression, a local attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 6.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/122097](<https://exchange.xforce.ibmcloud.com/vulnerabilities/122097>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2015-9251](<https://vulners.com/cve/CVE-2015-9251>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/138029](<https://exchange.xforce.ibmcloud.com/vulnerabilities/138029>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2016-10735](<https://vulners.com/cve/CVE-2016-10735>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155339](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155339>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-14041](<https://vulners.com/cve/CVE-2018-14041>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the data-target property of scrollspy. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/146467](<https://exchange.xforce.ibmcloud.com/vulnerabilities/146467>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-20676](<https://vulners.com/cve/CVE-2018-20676>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip data-viewport attribute. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155338](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155338>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2018-20677](<https://vulners.com/cve/CVE-2018-20677>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the affix configuration target property. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/155337](<https://exchange.xforce.ibmcloud.com/vulnerabilities/155337>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-10219](<https://vulners.com/cve/CVE-2019-10219>) \n** DESCRIPTION: **Hibernate-Validator is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the SafeHtml validator annotation A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/171317](<https://exchange.xforce.ibmcloud.com/vulnerabilities/171317>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-11358](<https://vulners.com/cve/CVE-2019-11358>) \n** DESCRIPTION: **jQuery, as used in Drupal core, is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159633](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159633>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2019-8331](<https://vulners.com/cve/CVE-2019-8331>) \n** DESCRIPTION: **Bootstrap is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the tooltip or popover data-template. A remote attacker could exploit this vulnerability to execute script in a victim's Web browser within the security context of the hosting Web site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/157409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/157409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11022](<https://vulners.com/cve/CVE-2020-11022>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the jQuery.htmlPrefilter method. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181349](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181349>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2020-11023](<https://vulners.com/cve/CVE-2020-11023>) \n** DESCRIPTION: **jQuery is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the option elements. A remote attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/181350](<https://exchange.xforce.ibmcloud.com/vulnerabilities/181350>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-26926](<https://vulners.com/cve/CVE-2021-26926>) \n** DESCRIPTION: **JasPer is vulnerable to a denial of service, caused by an out-of-bounds read by the jp2_decode function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to disclose information or cause the application to crash. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197346](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197346>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H) \n \n** CVEID: **[CVE-2021-30689](<https://vulners.com/cve/CVE-2021-30689>) \n** DESCRIPTION: **Apple iOS and iPadOS are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the WebKit. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202346](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202346>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2021-30744](<https://vulners.com/cve/CVE-2021-30744>) \n** DESCRIPTION: **Apple iOS and iPadOS are vulnerable to universal cross-site scripting, caused by improper validation of user-supplied input by the WebKit component. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202342](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202342>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) \n \n** CVEID: **[CVE-2017-7526](<https://vulners.com/cve/CVE-2017-7526>) \n** DESCRIPTION: **Libgcrypt could allow a remote attacker to obtain sensitive information, caused by a cache side-channel attack when using left-to-right sliding window method by the RSA-1024 implementation. By running arbitrary software where the private key is used, an attacker could exploit this vulnerability to obtain the RSA private key. \nCVSS Base score: 6.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/128271](<https://exchange.xforce.ibmcloud.com/vulnerabilities/128271>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2008-1191](<https://vulners.com/cve/CVE-2008-1191>) \n** DESCRIPTION: **Sun Java Web Start in Sun JDK and JRE could allow a remote attacker to gain elevated privileges, caused by an unspecified vulnerability which allows an untrusted application to assign additional permissions to itself. An attacker could exploit this vulnerability and gain elevated privileges to create arbitrary files on the system. \nCVSS Base score: 6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/41136](<https://exchange.xforce.ibmcloud.com/vulnerabilities/41136>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:S/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2021-26691](<https://vulners.com/cve/CVE-2021-26691>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the mod_session. By sending a specially crafted SessionHeader, a remote attacker could overflow a buffer and cause a denial of service. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203465](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203465>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-33560](<https://vulners.com/cve/CVE-2021-33560>) \n** DESCRIPTION: **GnuPG Libgcrypt could allow a remote attacker to obtain sensitive information, caused by improper handling of ElGamal encryption. By using side-channel attack techniques against mpi_powm, and the window size, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203266](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203266>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-35550](<https://vulners.com/cve/CVE-2021-35550>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a high confidentiality impact using unknown attack vectors. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211627](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211627>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2016-2779](<https://vulners.com/cve/CVE-2016-2779>) \n** DESCRIPTION: **util-linux could allow a local attacker to gain elevated privileges on the system, caused by an error when executing a program via \"runuser -u nonpriv program\". An attacker could exploit this vulnerability using the TIOCSTI ioctl to hijack the tty and gain elevated privileges on the system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111089](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111089>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2015-5218](<https://vulners.com/cve/CVE-2015-5218>) \n** DESCRIPTION: **util-linux is vulnerable to a buffer overflow, caused by improper bounds checking by the page parameter in the text-utils/colcrt.c script. By parsing specially-crafted file, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/108550](<https://exchange.xforce.ibmcloud.com/vulnerabilities/108550>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2016-2781](<https://vulners.com/cve/CVE-2016-2781>) \n** DESCRIPTION: **util-linux could allow a local attacker to gain elevated privileges on the system, caused by an error when executing a program via \"chroot --userspec=someuser:somegroup / /path/to/test\". An attacker could exploit this vulnerability using the TIOCSTI ioctl to hijack the tty and gain elevated privileges on the system. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/111088](<https://exchange.xforce.ibmcloud.com/vulnerabilities/111088>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) \n \n** CVEID: **[CVE-2017-1000100](<https://vulners.com/cve/CVE-2017-1000100>) \n** DESCRIPTION: **cURL could allow a remote attacker to obtain sensitive information, caused by a TFTP URL processing error when doing a TFTP transfer. By redirecting a libcurl-using client request to a TFTP URL containing an overly long file name and tricking the server to send private memory contents, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 5.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/130190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/130190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-22939](<https://vulners.com/cve/CVE-2021-22939>) \n** DESCRIPTION: **Node.js could allow a remote attacker to bypass security restrictions. If the https API was used incorrectly and \"undefined\" was in passed for the \"rejectUnauthorized\" parameter, an attacker could exploit this vulnerability to connect to servers using an expired certificate. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/207233](<https://exchange.xforce.ibmcloud.com/vulnerabilities/207233>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-36159](<https://vulners.com/cve/CVE-2021-36159>) \n** DESCRIPTION: **libfetch could allow a remote attacker to obtain sensitive information, caused by the an out-of-bounds read flaw when handling numeric strings for the FTP and HTTP protocols. By sending a specially-crafted input, an attacker could exploit this vulnerability to obtain sensitive information, or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/206715](<https://exchange.xforce.ibmcloud.com/vulnerabilities/206715>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2020-7751](<https://vulners.com/cve/CVE-2020-7751>) \n** DESCRIPTION: **Pathval could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/190564](<https://exchange.xforce.ibmcloud.com/vulnerabilities/190564>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-23358](<https://vulners.com/cve/CVE-2021-23358>) \n** DESCRIPTION: **Node.js underscore module could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the template function. By sending a specially-crafted argument using the variable property, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198958](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198958>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3711](<https://vulners.com/cve/CVE-2021-3711>) \n** DESCRIPTION: **OpenSSL is vulnerable to a buffer overflow, caused by improper bounds checking by the EVP_PKEY_decrypt() function within implementation of the SM2 decryption. By sending specially crafted SM2 content, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208072](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208072>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2018-25014](<https://vulners.com/cve/CVE-2018-25014>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an uninitialized variable in function ReadSymbol. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202256](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202256>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-18218](<https://vulners.com/cve/CVE-2019-18218>) \n** DESCRIPTION: **File is vulnerable to a heap-based buffer overflow, caused by improper improper bounds checking by the cdf_read_property_info function in cdf.c. By sending an overly large amount of CDF_VECTOR elements, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/169693](<https://exchange.xforce.ibmcloud.com/vulnerabilities/169693>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-42574](<https://vulners.com/cve/CVE-2021-42574>) \n** DESCRIPTION: **Unicode could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the bidirectional algorithm in the unicode specification. By creating a malicious patch containing well placed BiDi characters, an attacker could exploit this vulnerability to execute arbitrary code on the system. Note: This vulnerability also affects Rust. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/212526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/212526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2021-3115](<https://vulners.com/cve/CVE-2021-3115>) \n** DESCRIPTION: **Golang Go could allow a remote attacker to execute arbitrary code on the system, caused by a command injection flaw when using the go get command to fetch modules that make use of cgo. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/195678](<https://exchange.xforce.ibmcloud.com/vulnerabilities/195678>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2017-15088](<https://vulners.com/cve/CVE-2017-15088>) \n** DESCRIPTION: **MIT Kerberos 5 (aka krb5) is vulnerable to a buffer overflow, caused by improper bounds checking by the Distinguished Name (DN) fields in the get_matching_data and X509_NAME_oneline_ex functions. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system. \nCVSS Base score: 9.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135696](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135696>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2008-5352](<https://vulners.com/cve/CVE-2008-5352>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the JAR unpacking utility (unpack200) in the unpack library (unpack.dll). By persuading a victim to visit a malicious Web page, a remote attacker could overflow a buffer and execute arbitrary code on the system. \nCVSS Base score: 9.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47062](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47062>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n** CVEID: **[CVE-2008-5358](<https://vulners.com/cve/CVE-2008-5358>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to execute arbitrary code on the system, caused by an error when parsing GIF image files. By persuading a victim to visit a specially-crafted Web site containing a malicious GIF file, a remote attacker could corrupt memory during a splash screen display and execute arbitrary code on the system with the privileges of the victim. \nCVSS Base score: 9.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47049](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47049>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C) \n \n** CVEID: **[CVE-2018-25009](<https://vulners.com/cve/CVE-2018-25009>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ShiftBytes. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2018-25010](<https://vulners.com/cve/CVE-2018-25010>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ApplyFilter. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202255](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202255>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2018-25012](<https://vulners.com/cve/CVE-2018-25012>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ShiftBytes. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202258](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202258>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2018-25013](<https://vulners.com/cve/CVE-2018-25013>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ShiftBytes. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202257](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202257>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2020-36330](<https://vulners.com/cve/CVE-2020-36330>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ChunkVerifyAndAssign. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202251](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202251>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2020-36331](<https://vulners.com/cve/CVE-2020-36331>) \n** DESCRIPTION: **Libwebp is vulnerable to a denial of service, caused by an out-of-bounds read in function ChunkAssignData. A remote attacker could exploit this vulnerability to gain sensitive information or cause the application to crash. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202250](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202250>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) \n \n** CVEID: **[CVE-2021-29921](<https://vulners.com/cve/CVE-2021-29921>) \n** DESCRIPTION: **Python is vulnerable to server-side request forgery, caused by improper input validation of octal strings in the stdlib ipaddress. By submitting a specially-crafted IP address to a web application, an attacker could exploit this vulnerability to conduct SSRF or local file include attacks. \nCVSS Base score: 9.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201083](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201083>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N) \n \n** CVEID: **[CVE-2021-40438](<https://vulners.com/cve/CVE-2021-40438>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to server-side request forgery, caused by an error in mod_proxy. By sending a specially crafted request uri-path, a remote attacker could exploit this vulnerability to forward the request to an origin server chosen by the remote user. \nCVSS Base score: 9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/209526](<https://exchange.xforce.ibmcloud.com/vulnerabilities/209526>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2019-13057](<https://vulners.com/cve/CVE-2019-13057>) \n** DESCRIPTION: **NetApp Data ONTAP operating in 7-Mode could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166359](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166359>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-28650](<https://vulners.com/cve/CVE-2021-28650>) \n** DESCRIPTION: **GNOME gnome-autoar could allow a remote attacker to traverse directories on the system, caused by the lack of a check of whether a file's parent is a symlink in certain complex situations in autoar-extractor.c. n attacker can exploit this vulnerability to modify, create, or delete arbitrary files on the system. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198306](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198306>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L) \n \n** CVEID: **[CVE-2020-15719](<https://vulners.com/cve/CVE-2020-15719>) \n** DESCRIPTION: **libldap in certain third-party OpenLDAP packages is vulnerable to a man-in-the-middle attack, caused by a certificate-validation flaw when asserting RFC6125 support. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system. \nCVSS Base score: 4.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/185628](<https://exchange.xforce.ibmcloud.com/vulnerabilities/185628>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N) \n \n** CVEID: **[CVE-2021-20284](<https://vulners.com/cve/CVE-2021-20284>) \n** DESCRIPTION: **GNU Binutils is vulnerable to a denial of service, caused by a heap-based buffer overflow in the _bfd_elf_slurp_secondary_reloc_section function in elf.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198864](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198864>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2021-3572](<https://vulners.com/cve/CVE-2021-3572>) \n** DESCRIPTION: **pip package for python could allow a remote authenticated attacker to bypass security restrictions, caused by the improper handling of Unicode separators in git references. By creating a specially crafted tag, an attacker could exploit this vulnerability to install a different revision on a repository. \nCVSS Base score: 4.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/208954](<https://exchange.xforce.ibmcloud.com/vulnerabilities/208954>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N) \n \n** CVEID: **[CVE-2021-42771](<https://vulners.com/cve/CVE-2021-42771>) \n** DESCRIPTION: **Python-Babel Babel could allow a local authenticated attacker to traverse directories on the system, caused by a flaw in the Babel.Locale function. An attacker could load a specially-crafted .dat file containing \"dot dot\" sequences (/../) to execute arbitrary code on the system. \nCVSS Base score: 7.8 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211766](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211766>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) \n \n** CVEID: **[CVE-2015-0247](<https://vulners.com/cve/CVE-2015-0247>) \n** DESCRIPTION: **e2fsprogs is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the libext2fs library. A local attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. \nCVSS Base score: 4.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/100740](<https://exchange.xforce.ibmcloud.com/vulnerabilities/100740>) for the current score. \nCVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2008-3106](<https://vulners.com/cve/CVE-2008-3106>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to gain unauthorized access, caused by an error in XML data processing. By persuading a victim to download an untrusted applet or application, a remote attacker could gain unauthorized access to certain files and Web pages. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43658](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43658>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2008-3110](<https://vulners.com/cve/CVE-2008-3110>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) could allow a remote attacker to obtain sensitive information, caused by an error related to scripting language support. By persuading a victim to download an untrusted applet, a remote attacker could obtain information from another applet. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/43661](<https://exchange.xforce.ibmcloud.com/vulnerabilities/43661>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N) \n \n** CVEID: **[CVE-2008-5349](<https://vulners.com/cve/CVE-2008-5349>) \n** DESCRIPTION: **Sun Java Runtime Environment (JRE) is vulnerable to a denial of service, caused by an unspecified error while processing RSA public keys. A remote attacker could exploit this vulnerability using a specially-crafted RSA public key to consume all available CPU resources. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/47064](<https://exchange.xforce.ibmcloud.com/vulnerabilities/47064>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2014-2413](<https://vulners.com/cve/CVE-2014-2413>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Java SE related to the Libraries component has no confidentiality impact, partial integrity impact, and no availability impact. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/92489](<https://exchange.xforce.ibmcloud.com/vulnerabilities/92489>) for the current score. \nCVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N) \n \n** CVEID: **[CVE-2019-13750](<https://vulners.com/cve/CVE-2019-13750>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to bypass security restrictions, caused by insufficient data validation in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to bypass defense-in-depth measures. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172986](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172986>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2019-13751](<https://vulners.com/cve/CVE-2019-13751>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by uninitialized use in SQLite. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain sensitive information from process memory. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172987](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172987>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-27291](<https://vulners.com/cve/CVE-2021-27291>) \n** DESCRIPTION: **pygments is vulnerable to a denial of service. By persuading a victim to open a specially-crafted ODIN file using the \"<\" character, a remote attacker could exploit this vulnerability to cause the application to process the file for an extended time. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/198308](<https://exchange.xforce.ibmcloud.com/vulnerabilities/198308>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-30682](<https://vulners.com/cve/CVE-2021-30682>) \n** DESCRIPTION: **Apple iOS and iPadOS could allow a remote attacker to obtain sensitive information, caused by a logic issue in the WebKit component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to user sensitive information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/202344](<https://exchange.xforce.ibmcloud.com/vulnerabilities/202344>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-16879](<https://vulners.com/cve/CVE-2017-16879>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c. By persuading a victim to open a specially crafted terminfo file, an remote attacker could exploit this vulnerability to cause the application to crash or possibly execute arbitrary code. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/135309](<https://exchange.xforce.ibmcloud.com/vulnerabilities/135309>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-2059](<https://vulners.com/cve/CVE-2015-2059>) \n** DESCRIPTION: **libidn could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read with stringprep functions on invalid UTF-8. An attacker could exploit this vulnerability to obtain sensitive information from an application using the libidn library. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/104409](<https://exchange.xforce.ibmcloud.com/vulnerabilities/104409>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-9633](<https://vulners.com/cve/CVE-2019-9633>) \n** DESCRIPTION: **GNOME GLib is vulnerable to a denial of service, caused by the failure to ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/158171](<https://exchange.xforce.ibmcloud.com/vulnerabilities/158171>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-1938](<https://vulners.com/cve/CVE-2016-1938>) \n** DESCRIPTION: **Mozilla Firefox could provide weaker than expected security, caused by the creation of incorrect calculations in certain cases by the Network Security Services (NSS) mp_div() and mp_exptmod() functions. An attacker could exploit this vulnerability to create cryptographic weaknesses. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110190](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110190>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2016-4483](<https://vulners.com/cve/CVE-2016-4483>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by an out-of-bounds read when parsing a specially crafted XML file if recover mode is used. By persuading a victim to open a specially crafted XML file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114279](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114279>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-3189](<https://vulners.com/cve/CVE-2016-3189>) \n** DESCRIPTION: **Bzip2 is vulnerable to a denial of service, caused by a use-after-free error in the bzip2recover. By persuading a victim to open a specially-crafted bzip2 file, an attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114307](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114307>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-13752](<https://vulners.com/cve/CVE-2019-13752>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in SQLite. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172921](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172921>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-13753](<https://vulners.com/cve/CVE-2019-13753>) \n** DESCRIPTION: **Google Chrome could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read in SQLite. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/172922](<https://exchange.xforce.ibmcloud.com/vulnerabilities/172922>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-2697](<https://vulners.com/cve/CVE-2015-2697>) \n** DESCRIPTION: **MIT Kerberos is vulnerable to a denial of service. By sending a TGS request with a specially crafted realm field beginning with a null byte, a remote authenticated attacker could exploit this vulnerability to cause the KDC to crash. \nCVSS Base score: 4.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107876](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107876>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-42375](<https://vulners.com/cve/CVE-2021-42375>) \n** DESCRIPTION: **BusyBox is vulnerable to a denial of service, caused by the incorrect handling of a special element in ash applet when processing a specially crafted shell command. A local authenticated attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/213528](<https://exchange.xforce.ibmcloud.com/vulnerabilities/213528>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H) \n \n** CVEID: **[CVE-2019-1010266](<https://vulners.com/cve/CVE-2019-1010266>) \n** DESCRIPTION: **Lodash is vulnerable to a denial of service, caused by uncontrolled resource consumption in Date handler. By sending an overly long string, a local attacker could exploit this vulnerability to cause the application to stop responding. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168402](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168402>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-27645](<https://vulners.com/cve/CVE-2021-27645>) \n** DESCRIPTION: **GNU glibc is vulnerable to a denial of service, caused by double-free in the nameserver caching daemon (nscd). By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/197417](<https://exchange.xforce.ibmcloud.com/vulnerabilities/197417>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-5186](<https://vulners.com/cve/CVE-2015-5186>) \n** DESCRIPTION: **Linux Audit Framework could allow a local attacker to obtain sensitive information, caused by the improper handling of escape sequences. An attacker could exploit this vulnerability using the ausearch program to obtain sensitive information. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/105894](<https://exchange.xforce.ibmcloud.com/vulnerabilities/105894>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2016-8623](<https://vulners.com/cve/CVE-2016-8623>) \n** DESCRIPTION: **cURL/libcurl could allow a local attacker to obtain sensitive information, caused by an use-after-free error. By using another thread to structs original cookie together with its strings, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/118641](<https://exchange.xforce.ibmcloud.com/vulnerabilities/118641>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-8035](<https://vulners.com/cve/CVE-2015-8035>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by the failure to properly detect compression errors by the xz_decomp function. By using specially-crafted XML data, a local attacker could exploit this vulnerability to cause the process to hang. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/107845](<https://exchange.xforce.ibmcloud.com/vulnerabilities/107845>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2016-6153](<https://vulners.com/cve/CVE-2016-6153>) \n** DESCRIPTION: **SQLite could allow a local attacker to gain elevated privileges on the system, caused by the creation of temporary files in directory with insecure permissions. An attacker could exploit this vulnerability to obtain leaked data. \nCVSS Base score: 4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/114715](<https://exchange.xforce.ibmcloud.com/vulnerabilities/114715>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2021-26690](<https://vulners.com/cve/CVE-2021-26690>) \n** DESCRIPTION: **Apache HTTP Server is vulnerable to a denial of service, caused by a NULL pointer dereference. A remote attacker could exploit this vulnerability using a specially crafted Cookie header handled by mod_session to cause the system to crash. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203464](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203464>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35603](<https://vulners.com/cve/CVE-2021-35603>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the JSSE component could allow an unauthenticated attacker to obtain sensitive information resulting in a low confidentiality impact using unknown attack vectors. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211676](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211676>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-4042](<https://vulners.com/cve/CVE-2015-4042>) \n** DESCRIPTION: **GNU Coreutils is vulnerable to a buffer overflow, caused by improper bounds checking by the keycompare_mb(). By sending an overly long argument, a local attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/150816](<https://exchange.xforce.ibmcloud.com/vulnerabilities/150816>) for the current score. \nCVSS Vector: (AV:L/AC:H/Au:N/C:P/I:P/A:P) \n \n** CVEID: **[CVE-2019-1563](<https://vulners.com/cve/CVE-2019-1563>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a padding oracle attack in PKCS7_dataDecode and CMS_decrypt_set1_pkey. By sending an overly large number of messages to be decrypted, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/167022](<https://exchange.xforce.ibmcloud.com/vulnerabilities/167022>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-1968](<https://vulners.com/cve/CVE-2020-1968>) \n** DESCRIPTION: **OpenSSL could allow a remote attacker to obtain sensitive information, caused by a Raccoon attack in the TLS specification. By computing the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite, an attacker could exploit this vulnerability to eavesdrop on all encrypted communications sent over that TLS connection. \nCVSS Base score: 3.7 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/187977](<https://exchange.xforce.ibmcloud.com/vulnerabilities/187977>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-16429](<https://vulners.com/cve/CVE-2018-16429>) \n** DESCRIPTION: **GNOME GLib is vulnerable to a denial of service, caused by an out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/149332](<https://exchange.xforce.ibmcloud.com/vulnerabilities/149332>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-17594](<https://vulners.com/cve/CVE-2019-17594>) \n** DESCRIPTION: **GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the _nc_find_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168970](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168970>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2019-17595](<https://vulners.com/cve/CVE-2019-17595>) \n** DESCRIPTION: **GNU ncurses could allow a remote attacker to obtain sensitive information, caused by a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/168972](<https://exchange.xforce.ibmcloud.com/vulnerabilities/168972>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2020-29623](<https://vulners.com/cve/CVE-2020-29623>) \n** DESCRIPTION: **Apple macOS, iOS, iPadOS and tvOS could allow a local authenticated attacker to bypass security restrictions, caused by a flaw in WebKit Storage component. By sending a specially-crafted request, an attacker could exploit this vulnerability to fully delete browsing history. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/199361](<https://exchange.xforce.ibmcloud.com/vulnerabilities/199361>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2021-3200](<https://vulners.com/cve/CVE-2021-3200>) \n** DESCRIPTION: **Libsolv is vulnerable to a denial of service, caused by a buffer overflow in the testcase_read function. By persuading a victim to open a specially file, a remote attacker could overflow a buffer and cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/203837](<https://exchange.xforce.ibmcloud.com/vulnerabilities/203837>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13734](<https://vulners.com/cve/CVE-2017-13734>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the _nc_safe_strcat function in strings.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131062](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131062>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13733](<https://vulners.com/cve/CVE-2017-13733>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the fmt_entry function in progs/dump_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131061](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131061>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13732](<https://vulners.com/cve/CVE-2017-13732>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the dump_uses function in progs/dump_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131060](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131060>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13731](<https://vulners.com/cve/CVE-2017-13731>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the postprocess_termcap function in parse_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131059](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131059>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13730](<https://vulners.com/cve/CVE-2017-13730>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the _nc_read_entry_source function in progs/tic.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131057](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131057>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-13729](<https://vulners.com/cve/CVE-2017-13729>) \n** DESCRIPTION: **Ncurses is vulnerable to a denial of service, caused by an illegal address access in the _nc_save_str function in alloc_entry.c. By using a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/131056](<https://exchange.xforce.ibmcloud.com/vulnerabilities/131056>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-2708](<https://vulners.com/cve/CVE-2019-2708>) \n** DESCRIPTION: **An unspecified vulnerability in Oracle Berkeley DB related to the Data Store component could allow an authenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/159800](<https://exchange.xforce.ibmcloud.com/vulnerabilities/159800>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-13012](<https://vulners.com/cve/CVE-2019-13012>) \n** DESCRIPTION: **GNOME GLib could allow a local attacker to bypass security restrictions, caused by improper permission control in the keyfile settings backend. An attacker could exploit this vulnerability to bypass access restrictions. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/166666](<https://exchange.xforce.ibmcloud.com/vulnerabilities/166666>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) \n \n** CVEID: **[CVE-2017-7244](<https://vulners.com/cve/CVE-2017-7244>) \n** DESCRIPTION: **PCRE is vulnerable to a denial of service, caused by an invalid memory read flaw in the _pcre32_xclass function in pcre_xclass.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/123729](<https://exchange.xforce.ibmcloud.com/vulnerabilities/123729>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-14567](<https://vulners.com/cve/CVE-2018-14567>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by an error in xzlib.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/148541](<https://exchange.xforce.ibmcloud.com/vulnerabilities/148541>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2018-14404](<https://vulners.com/cve/CVE-2018-14404>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a NULL pointer dereference in the xpath.c:xmlXPathCompOpEval() function. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/147260](<https://exchange.xforce.ibmcloud.com/vulnerabilities/147260>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-19956](<https://vulners.com/cve/CVE-2019-19956>) \n** DESCRIPTION: **libxml2 is vulnerable to a denial of service, caused by a memory leak in xmlParseBalancedChunkMemoryRecover in parser.c. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/173518](<https://exchange.xforce.ibmcloud.com/vulnerabilities/173518>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2019-20388](<https://vulners.com/cve/CVE-2019-20388>) \n** DESCRIPTION: **GNOME libxml2 could allow a remote attacker to obtain sensitive information, caused by a xmlSchemaValidateStream memory leak in xmlSchemaPreRun in xmlschemas.c. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/175539](<https://exchange.xforce.ibmcloud.com/vulnerabilities/175539>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2018-8740](<https://vulners.com/cve/CVE-2018-8740>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in the src/build.c, src/prepare.c. By using a corrupted SQLite3 database file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/140476](<https://exchange.xforce.ibmcloud.com/vulnerabilities/140476>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2017-15286](<https://vulners.com/cve/CVE-2017-15286>) \n** DESCRIPTION: **SQLite is vulnerable to a denial of service, caused by a NULL pointer dereference in tableColumnList in shell.c. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause the application to crash. \nCVSS Base score: 3.3 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/133477](<https://exchange.xforce.ibmcloud.com/vulnerabilities/133477>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-20266](<https://vulners.com/cve/CVE-2021-20266>) \n** DESCRIPTION: **RPM Project RPM is vulnerable to a denial of service, caused by an out-of-bounds read flaw in the hdrblobInit function in lib/header.c. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/201041](<https://exchange.xforce.ibmcloud.com/vulnerabilities/201041>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2021-35588](<https://vulners.com/cve/CVE-2021-35588>) \n** DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors. \nCVSS Base score: 3.1 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/211662](<https://exchange.xforce.ibmcloud.com/vulnerabilities/211662>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L) \n \n** CVEID: **[CVE-2015-0837](<https://vulners.com/cve/CVE-2015-0837>) \n** DESCRIPTION: **Libgcrypt could allow a local attacker to obtain sensitive information, caused by a side-channel attack on data-dependent timing variations. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 2.9 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/110054](<https://exchange.xforce.ibmcloud.com/vulnerabilities/110054>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2017-7407](<https://vulners.com/cve/CVE-2017-7407>) \n** DESCRIPTION: **curl could allow a physical attacker to obtain sensitive information, caused by an error in the ourWriteOut function in tool_writeout.c. By reading a workstation screen during use of a --write-out argument ending in a '%' character, an attacker could exploit this vulnerability to obtain sensitive information from process memory. \nCVSS Base score: 2.4 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/125384](<https://exchange.xforce.ibmcloud.com/vulnerabilities/125384>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) \n \n** CVEID: **[CVE-2015-1606](<https://vulners.com/cve/CVE-2015-1606>) \n** DESCRIPTION: **GnuPG2 is vulnerable to a denial of service, caused by a use-after-free error in build-packet.c when rejecting packets that don't belong into a keyring. By sending specially-crafted data packets, an attacker could exploit this vulnerability to cause the system to crash. \nCVSS Base score: 1.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/101024](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101024>) for the current score. \nCVSS Vector: (AV:L/AC:H/Au:N/C:N/I:N/A:P) \n \n** CVEID: **[CVE-2015-1607](<https://vulners.com/cve/CVE-2015-1607>) \n** DESCRIPTION: **gnupg2 could allow a local attacker to obtain sensitive information, caused by an information leak in keybox_search.c. An attacker could exploit this vulnerability to obtain sensitive information. \nCVSS Base score: 1.2 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/101025](<https://exchange.xforce.ibmcloud.com/vulnerabilities/101025>) for the current score. \nCVSS Vector: (AV:L/AC:H/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nCloud Pak for Security (CP4S)| 1.8.1.0 \nCloud Pak for Security (CP4S)| 1.8.0.0 \nCloud Pak for Security (CP4S)| 1.7.2.0 \n \n## Remediation/Fixes\n\nPlease upgrade to CP4S 1.9.0.0 following instructions at <https://www.ibm.com/docs/en/cloud-paks/cp-security/1.9?topic=installing-upgrading-cloud-pak-security-from-18>\n\n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-03-08T18:05:21", "type": "ibm", "title": "Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3716", "CVE-2008-1191", "CVE-2008-3103", "CVE-2008-3105", "CVE-2008-3106", "CVE-2008-3109", "CVE-2008-3110", "CVE-2008-5347", "CVE-2008-5349", "CVE-2008-5352", "CVE-2008-5358", "CVE-2014-0452", "CVE-2014-2413", "CVE-2015-0247", "CVE-2015-0837", "CVE-2015-1606", "CVE-2015-1607", "CVE-2015-2059", "CVE-2015-2695", "CVE-2015-2696", "CVE-2015-2697", "CVE-2015-3153", "CVE-2015-4041", "CVE-2015-4042", "CVE-2015-5186", "CVE-2015-5218", "CVE-2015-5276", "CVE-2015-7036", "CVE-2015-8035", "CVE-2015-8382", "CVE-2015-8948", "CVE-2015-8982", "CVE-2015-8983", "CVE-2015-8984", "CVE-2015-8985", "CVE-2015-9251", "CVE-2016-0755", "CVE-2016-10254", "CVE-2016-10255", "CVE-2016-10540", "CVE-2016-10707", "CVE-2016-10735", "CVE-2016-1234", "CVE-2016-1938", "CVE-2016-1951", "CVE-2016-2226", "CVE-2016-2779", "CVE-2016-2781", "CVE-2016-3189", "CVE-2016-4008", "CVE-2016-4429", "CVE-2016-4472", "CVE-2016-4483", "CVE-2016-4487", "CVE-2016-4488", "CVE-2016-4489", "CVE-2016-4490", "CVE-2016-4491", "CVE-2016-4492", "CVE-2016-4493", "CVE-2016-4984", "CVE-2016-5300", "CVE-2016-6153", "CVE-2016-6261", "CVE-2016-6262", "CVE-2016-8615", "CVE-2016-8616", "CVE-2016-8617", "CVE-2016-8618", "CVE-2016-8619", "CVE-2016-8621", "CVE-2016-8623", "CVE-2016-8624", "CVE-2016-8625", "CVE-2016-9074", "CVE-2016-9318", "CVE-2016-9574", "CVE-2016-9586", "CVE-2017-1000100", "CVE-2017-1000254", "CVE-2017-10140", "CVE-2017-10684", "CVE-2017-10685", "CVE-2017-10790", "CVE-2017-10989", "CVE-2017-11112", "CVE-2017-11113", "CVE-2017-11164", "CVE-2017-11462", "CVE-2017-13685", "CVE-2017-13728", "CVE-2017-13729", "CVE-2017-13730", "CVE-2017-13731", "CVE-2017-13732", "CVE-2017-13733", "CVE-2017-13734", "CVE-2017-14062", "CVE-2017-15088", "CVE-2017-15286", "CVE-2017-15671", "CVE-2017-16879", "CVE-2017-16931", "CVE-2017-16932", "CVE-2017-18018", "CVE-2017-6004", "CVE-2017-6891", "CVE-2017-7000", "CVE-2017-7244", "CVE-2017-7245", "CVE-2017-7246", "CVE-2017-7407", "CVE-2017-7500", "CVE-2017-7501", "CVE-2017-7526", "CVE-2017-7607", "CVE-2017-7608", "CVE-2017-7609", "CVE-2017-7610", "CVE-2017-7611", "CVE-2017-7612", "CVE-2017-7613", "CVE-2017-7781", "CVE-2017-8817", "CVE-2017-9233", "CVE-2018-12700", "CVE-2018-14041", "CVE-2018-14404", "CVE-2018-14567", "CVE-2018-16429", "CVE-2018-16435", "CVE-2018-17101", "CVE-2018-18074", "CVE-2018-18508", "CVE-2018-20483", "CVE-2018-20676", "CVE-2018-20677", "CVE-2018-25009", "CVE-2018-25010", "CVE-2018-25012", "CVE-2018-25013", "CVE-2018-25014", "CVE-2018-3721", "CVE-2018-6003", "CVE-2018-8740", "CVE-2018-9234", "CVE-2019-1010266", "CVE-2019-10219", "CVE-2019-11358", "CVE-2019-13012", "CVE-2019-13050", "CVE-2019-13057", "CVE-2019-13115", "CVE-2019-13117", "CVE-2019-13565", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-13752", "CVE-2019-13753", "CVE-2019-1563", "CVE-2019-17594", "CVE-2019-17595", "CVE-2019-18218", "CVE-2019-18276", "CVE-2019-18874", "CVE-2019-19603", "CVE-2019-19645", "CVE-2019-19880", "CVE-2019-19906", "CVE-2019-19924", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20838", "CVE-2019-2708", "CVE-2019-3859", "CVE-2019-3860", "CVE-2019-5827", "CVE-2019-8331", "CVE-2019-8457", "CVE-2019-9169", "CVE-2019-9633", "CVE-2019-9924", "CVE-2020-10001", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-12399", "CVE-2020-12762", "CVE-2020-13435", "CVE-2020-13558", "CVE-2020-13631", "CVE-2020-13645", "CVE-2020-13956", "CVE-2020-14145", "CVE-2020-14155", "CVE-2020-15719", "CVE-2020-16135", "CVE-2020-1752", "CVE-2020-1968", "CVE-2020-24025", "CVE-2020-24370", "CVE-2020-24870", "CVE-2020-24977", "CVE-2020-25219", "CVE-2020-25709", "CVE-2020-25710", "CVE-2020-26154", "CVE-2020-27828", "CVE-2020-27918", "CVE-2020-28168", "CVE-2020-28196", "CVE-2020-28498", "CVE-2020-29361", "CVE-2020-29362", "CVE-2020-29623", "CVE-2020-35448", "CVE-2020-35492", "CVE-2020-36221", "CVE-2020-36222", "CVE-2020-36223", "CVE-2020-36224", "CVE-2020-36225", "CVE-2020-36226", "CVE-2020-36227", "CVE-2020-36228", "CVE-2020-36229", "CVE-2020-36230", "CVE-2020-36241", "CVE-2020-36330", "CVE-2020-36331", "CVE-2020-36332", "CVE-2020-7595", "CVE-2020-7751", "CVE-2020-7768", "CVE-2020-7774", "CVE-2020-8285", "CVE-2020-8908", "CVE-2021-1788", "CVE-2021-1789", "CVE-2021-1799", "CVE-2021-1801", "CVE-2021-1844", "CVE-2021-1870", "CVE-2021-1871", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20266", "CVE-2021-20270", "CVE-2021-20284", "CVE-2021-21775", "CVE-2021-21779", "CVE-2021-21806", "CVE-2021-22876", "CVE-2021-22898", "CVE-2021-22922", "CVE-2021-22923", "CVE-2021-22924", "CVE-2021-22925", "CVE-2021-22930", "CVE-2021-22931", "CVE-2021-22939", "CVE-2021-22940", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-23358", "CVE-2021-23440", "CVE-2021-23840", "CVE-2021-26690", "CVE-2021-26691", "CVE-2021-26926", "CVE-2021-26927", "CVE-2021-27212", "CVE-2021-27291", "CVE-2021-27645", "CVE-2021-28092", "CVE-2021-28153", "CVE-2021-28650", "CVE-2021-28957", "CVE-2021-29059", "CVE-2021-29425", "CVE-2021-29921", "CVE-2021-30641", "CVE-2021-30663", "CVE-2021-30665", "CVE-2021-30682", "CVE-2021-30689", "CVE-2021-30720", "CVE-2021-30734", "CVE-2021-30744", "CVE-2021-30749", "CVE-2021-30758", "CVE-2021-30795", "CVE-2021-30797", "CVE-2021-30799", "CVE-2021-3115", "CVE-2021-31535", "CVE-2021-3200", "CVE-2021-32838", "CVE-2021-33503", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-33928", "CVE-2021-33929", "CVE-2021-33930", "CVE-2021-33938", "CVE-2021-3426", "CVE-2021-3445", "CVE-2021-3516", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3520", "CVE-2021-3537", "CVE-2021-35550", "CVE-2021-35556", "CVE-2021-35559", "CVE-2021-35561", "CVE-2021-35564", "CVE-2021-35565", "CVE-2021-35567", "CVE-2021-35578", "CVE-2021-35586", "CVE-2021-35588", "CVE-2021-35603", "CVE-2021-3572", "CVE-2021-35942", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-36159", "CVE-2021-36222", "CVE-2021-3672", "CVE-2021-3711", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-3765", "CVE-2021-37714", "CVE-2021-37750", "CVE-2021-3778", "CVE-2021-3795", "CVE-2021-3796", "CVE-2021-38185", "CVE-2021-40438", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-42374", "CVE-2021-42375", "CVE-2021-42378", "CVE-2021-42379", "CVE-2021-42380", "CVE-2021-42381", "CVE-2021-42382", "CVE-2021-42383", "CVE-2021-42384", "CVE-2021-42385", "CVE-2021-42386", "CVE-2021-42574", "CVE-2021-42771"], "modified": "2023-03-08T18:05:21", "id": "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "href": "https://www.ibm.com/support/pages/node/6551876", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-12-17T15:18:14", "description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-11-23T21:29:00", "type": "debiancve", "title": "CVE-2017-16932", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2017-11-23T21:29:00", "id": "DEBIANCVE:CVE-2017-16932", "href": "https://security-tracker.debian.org/tracker/CVE-2017-16932", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-12-17T15:18:14", "description": "In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-03T03:15:00", "type": "debiancve", "title": "CVE-2022-29824", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-05-03T03:15:00", "id": "DEBIANCVE:CVE-2022-29824", "href": "https://security-tracker.debian.org/tracker/CVE-2022-29824", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "redhatcve": [{"lastseen": "2021-10-13T19:50:32", "description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-11-24T15:50:03", "type": "redhatcve", "title": "CVE-2017-16932", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2021-10-13T17:35:54", "id": "RH:CVE-2017-16932", "href": "https://access.redhat.com/security/cve/cve-2017-16932", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-08T23:17:18", "description": "A flaw was found in the libxml2 library in functions used to manipulate the xmlBuf and the xmlBuffer types. A substantial input causes values to calculate buffer sizes to overflow, resulting in an out-of-bounds write.\n#### Mitigation\n\nAvoid passing large inputs to the libxml2 library. \n\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-05T14:26:15", "type": "redhatcve", "title": "CVE-2022-29824", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-08T22:37:27", "id": "RH:CVE-2022-29824", "href": "https://access.redhat.com/security/cve/cve-2022-29824", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "ubuntucve": [{"lastseen": "2022-10-17T15:09:31", "description": "parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in\nparameter entities.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882613>\n * <https://bugzilla.gnome.org/show_bug.cgi?id=759579>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-11-23T00:00:00", "type": "ubuntucve", "title": "CVE-2017-16932", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2017-11-23T00:00:00", "id": "UB:CVE-2017-16932", "href": "https://ubuntu.com/security/CVE-2017-16932", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-10-15T13:19:23", "description": "In libxml2 before 2.9.14, several buffer handling functions in buf.c\n(xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This\ncan result in out-of-bounds memory writes. Exploitation requires a victim\nto open a crafted, multi-gigabyte XML file. Other software using libxml2's\nbuffer functions, for example libxslt through 1.1.35, is affected as well.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526>\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-03T00:00:00", "type": "ubuntucve", "title": "CVE-2022-29824", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-05-03T00:00:00", "id": "UB:CVE-2022-29824", "href": "https://ubuntu.com/security/CVE-2022-29824", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2023-01-26T13:12:06", "description": "## Releases\n\n * Ubuntu 17.10 \n * Ubuntu 17.04 \n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * libxml2 \\- GNOME XML library\n\nWei Lei discovered that libxml2 incorrecty handled certain parameter \nentities. An attacker could use this issue with specially constructed XML \ndata to cause libxml2 to consume resources, leading to a denial of service.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-12-05T00:00:00", "type": "ubuntu", "title": "libxml2 vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2017-12-05T00:00:00", "id": "USN-3504-1", "href": "https://ubuntu.com/security/notices/USN-3504-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T13:12:05", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * libxml2 \\- GNOME XML library\n\nUSN-3504-1 fixed a vulnerability in libxml2. This update provides \nthe corresponding update for Ubuntu 12.04 ESM.\n\nOriginal advisory details:\n\nWei Lei discovered that libxml2 incorrecty handled certain parameter \nentities. An attacker could use this issue with specially constructed XML \ndata to cause libxml2 to consume resources, leading to a denial of service.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-12-05T00:00:00", "type": "ubuntu", "title": "libxml2 vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2017-12-05T00:00:00", "id": "USN-3504-2", "href": "https://ubuntu.com/security/notices/USN-3504-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T15:13:15", "description": "## Releases\n\n * Ubuntu 22.04 LTS\n * Ubuntu 21.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 LTS\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * libxml2 \\- GNOME XML library\n\nShinji Sato discovered that libxml2 incorrectly handled certain XML files. \nAn attacker could possibly use this issue to cause a crash, resulting in a \ndenial of service, or possibly execute arbitrary code. This issue only \naffected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2022-23308)\n\nIt was discovered that libxml2 incorrectly handled certain XML files. \nAn attacker could possibly use this issue to cause a crash or execute \narbitrary code. (CVE-2022-29824)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-16T00:00:00", "type": "ubuntu", "title": "libxml2 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23308", "CVE-2022-29824"], "modified": "2022-05-16T00:00:00", "id": "USN-5422-1", "href": "https://ubuntu.com/security/notices/USN-5422-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-26T13:06:09", "description": "## Releases\n\n * Ubuntu 18.04 LTS\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * libxml2 \\- GNOME XML library\n\nMatias Brutti discovered that libxml2 incorrectly handled certain XML files. \nAn attacker could possibly use this issue to expose sensitive information. \n(CVE-2016-9318)\n\nIt was discovered that libxml2 incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \nThis issue only affected Ubuntu 18.04 LTS. (CVE-2017-16932)\n\nIt was discovered that libxml2 incorrectly handled certain files. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2017-18258, CVE-2018-14404, CVE-2018-14567)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-08-14T00:00:00", "type": "ubuntu", "title": "libxml2 vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9318", "CVE-2017-16932", "CVE-2017-18258", "CVE-2018-14404", "CVE-2018-14567"], "modified": "2018-08-14T00:00:00", "id": "USN-3739-1", "href": "https://ubuntu.com/security/notices/USN-3739-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cloudfoundry": [{"lastseen": "2019-05-29T18:32:48", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n\n# Description\n\nWei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including: \n * 3421.x versions prior to 3421.34\n * 3445.x versions prior to 3445.19\n * 3468.x versions prior to 3468.13\n * All other stemcells not listed.\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.173.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH stemcells: \n * Upgrade 3421.x versions prior to 3421.34\n * Upgrade 3445.x versions prior to 3445.19\n * Upgrade 3468.x versions prior to 3468.13\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io>).\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.173.0 or later.\n\n# References\n\n * [USN-3504-1](<http://www.ubuntu.com/usn/usn-3504-1/>)\n * [CVE-2017-16932](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-16932>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2017-12-14T00:00:00", "type": "cloudfoundry", "title": "USN-3504-1: libxml2 vulnerability | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2017-12-14T00:00:00", "id": "CFOUNDRY:C0E674F38966607B2B6B03C0AB944275", "href": "https://www.cloudfoundry.org/blog/usn-3504-1/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-29T10:01:17", "description": "## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 16.04\n * Canonical Ubuntu 18.04\n\n## Description\n\nShinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. (CVE-2022-23308) It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-29824) Update Instructions: Run `sudo ua fix USN-5422-1` to fix the vulnerability. The problem can be corrected by updating your system to the following package versions: python-libxml2 \u2013 2.9.4+dfsg1-6.1ubuntu1.6 libxml2-utils \u2013 2.9.4+dfsg1-6.1ubuntu1.6 libxml2 \u2013 2.9.4+dfsg1-6.1ubuntu1.6 python3-libxml2 \u2013 2.9.4+dfsg1-6.1ubuntu1.6 libxml2-doc \u2013 2.9.4+dfsg1-6.1ubuntu1.6 libxml2-dev \u2013 2.9.4+dfsg1-6.1ubuntu1.6 No subscription required\n\nCVEs contained in this USN include: CVE-2022-23308, CVE-2022-29824.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Bionic Stemcells \n * 1.x versions prior to 1.84\n * All other stemcells not listed.\n * cflinuxfs3 \n * All versions prior to 0.298.0\n * CF Deployment \n * All versions prior to 21.0.0, or later versions with Xenial Stemcells prior to 621.244 or Bionic Stemcells prior to 1.84\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * Bionic Stemcells \n * Upgrade 1.x versions to 1.84 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n * cflinuxfs3 \n * Upgrade all versions to 0.298.0 or greater\n * CF Deployment \n * Upgrade all versions to 21.0.0 or greater, upgrade Xenial Stemcells to 621.244 or greater, and upgrade Bionic Stemcells to 1.84 or greater\n\n## References\n\n * [USN Notice](<https://ubuntu.com/security/notices/USN-5422-1>)\n * [CVE-2022-23308](<https://ubuntu.com/security/CVE-2022-23308>)\n * [CVE-2022-29824](<https://ubuntu.com/security/CVE-2022-29824>)\n\n## History\n\n2022-07-29: Initial vulnerability report published.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-29T00:00:00", "type": "cloudfoundry", "title": "USN-5422-1: libxml2 vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23308", "CVE-2022-29824"], "modified": "2022-07-29T00:00:00", "id": "CFOUNDRY:AEFE1E0FB78D2D1BC82159C0749C81D8", "href": "https://www.cloudfoundry.org/blog/usn-5422-1-libxml2-vulnerabilities/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T15:27:17", "description": "# \n\n# Severity\n\nMedium\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04\n * Canonical Ubuntu 16.04\n * Canonical Ubuntu 18.04\n\n# Description\n\nMatias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. (CVE-2016-9318)\n\nIt was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2017-16932)\n\nIt was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2017-18258, CVE-2018-14404, CVE-2018-14567)\n\n# Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * Cloud Foundry BOSH trusty-stemcells are vulnerable, including: \n * 3363.x versions prior to 3363.72\n * 3421.x versions prior to 3421.79\n * 3445.x versions prior to 3445.64\n * 3468.x versions prior to 3468.64\n * 3541.x versions prior to 3541.44\n * 3586.x versions prior to 3586.36\n * All other stemcells not listed.\n * Cloud Foundry BOSH xenial-stemcells are vulnerable, including: \n * 97.x versions prior to 97.12\n * All other stemcells not listed.\n * All versions of Cloud Foundry cflinuxfs2 prior to 1.230.0\n * All versions of Cloud Foundry cflinuxfs3 prior to 0.10.0\n\n# Mitigation\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry project recommends upgrading the following BOSH trusty-stemcells: \n * Upgrade 3363.x versions to 3363.72\n * Upgrade 3421.x versions to 3421.79\n * Upgrade 3445.x versions to 3445.64\n * Upgrade 3468.x versions to 3468.64\n * Upgrade 3541.x versions to 3541.44\n * Upgrade 3586.x versions to 3586.36\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells/#ubuntu-trusty>).\n * The Cloud Foundry project recommends upgrading the following BOSH xenial-stemcells: \n * Upgrade 97.x versions to 97.12\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells/#ubuntu-xenial>).\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.230.0 or later.\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.10.0 or later.\n\n# References\n\n * [USN-3739-1](<https://usn.ubuntu.com/3739-1>)\n * [CVE-2016-9318](<https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9318>)\n * [CVE-2017-16932](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16932>)\n * [CVE-2017-18258](<https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18258>)\n * [CVE-2018-14404](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14404>)\n * [CVE-2018-14567](<https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14567>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-09-11T00:00:00", "type": "cloudfoundry", "title": "USN-3739-1: libxml2 vulnerabilities | Cloud Foundry", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14404", "CVE-2018-14567", "CVE-2016-9318", "CVE-2017-18258", "CVE-2017-16932"], "modified": "2018-09-11T00:00:00", "id": "CFOUNDRY:534706586AA8B2BA233C6A2A618BD6A0", "href": "https://www.cloudfoundry.org/blog/usn-3739-1/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2023-01-14T14:50:45", "description": "Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-12-06T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxml2 vulnerability (USN-3504-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16932"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxml2", "p-cpe:/a:canonical:ubuntu_linux:libxml2-utils", "p-cpe:/a:canonical:ubuntu_linux:python-libxml2", "p-cpe:/a:canonical:ubuntu_linux:python3-libxml2", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:17.04", "cpe:/o:canonical:ubuntu_linux:17.10"], "id": "UBUNTU_USN-3504-1.NASL", "href": "https://www.tenable.com/plugins/nessus/105037", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3504-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105037);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2017-16932\");\n script_xref(name:\"USN\", value:\"3504-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.04 / 17.10 : libxml2 vulnerability (USN-3504-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Wei Lei discovered that libxml2 incorrecty handled certain parameter\nentities. An attacker could use this issue with specially constructed\nXML data to cause libxml2 to consume resources, leading to a denial of\nservice.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3504-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.04|17\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.04 / 17.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxml2\", pkgver:\"2.9.1+dfsg1-3ubuntu4.11\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libxml2-utils\", pkgver:\"2.9.1+dfsg1-3ubuntu4.11\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"python-libxml2\", pkgver:\"2.9.1+dfsg1-3ubuntu4.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libxml2\", pkgver:\"2.9.3+dfsg1-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libxml2-utils\", pkgver:\"2.9.3+dfsg1-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python-libxml2\", pkgver:\"2.9.3+dfsg1-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"libxml2\", pkgver:\"2.9.4+dfsg1-2.2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"libxml2-utils\", pkgver:\"2.9.4+dfsg1-2.2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"python-libxml2\", pkgver:\"2.9.4+dfsg1-2.2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"python3-libxml2\", pkgver:\"2.9.4+dfsg1-2.2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"libxml2\", pkgver:\"2.9.4+dfsg1-4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"libxml2-utils\", pkgver:\"2.9.4+dfsg1-4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"python-libxml2\", pkgver:\"2.9.4+dfsg1-4ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"python3-libxml2\", pkgver:\"2.9.4+dfsg1-4ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-utils / python-libxml2 / python3-libxml2\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T15:06:25", "description": "The version of libxml2 installed on the remote host is prior to 2.9.14. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-122-01 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-02T00:00:00", "type": "nessus", "title": "Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current libxml2 Vulnerability (SSA:2022-122-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-06-03T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:libxml2", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2", "cpe:/o:slackware:slackware_linux:15.0"], "id": "SLACKWARE_SSA_2022-122-01.NASL", "href": "https://www.tenable.com/plugins/nessus/160450", "sourceData": "##\n# (C) Tenable, Inc.\n##\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Slackware Security Advisory SSA:2022-122-01. The text\n# itself is copyright (C) Slackware Linux, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160450);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/03\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current libxml2 Vulnerability (SSA:2022-122-01)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Slackware Linux host is missing a security update to libxml2.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of libxml2 installed on the remote host is prior to 2.9.14. It is, therefore, affected by a vulnerability as\nreferenced in the SSA:2022-122-01 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected libxml2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:15.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Slackware Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\ninclude(\"slackware.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\nvar flag = 0;\nvar constraints = [\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '14.0', 'service_pack' : '1_slack14.0', 'arch' : 'i486' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '14.0', 'service_pack' : '1_slack14.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '14.1', 'service_pack' : '1_slack14.1', 'arch' : 'i486' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '14.1', 'service_pack' : '1_slack14.1', 'arch' : 'x86_64' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'i586' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '14.2', 'service_pack' : '1_slack14.2', 'arch' : 'x86_64' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'i586' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : '15.0', 'service_pack' : '1_slack15.0', 'arch' : 'x86_64' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'i586' },\n { 'fixed_version' : '2.9.14', 'product' : 'libxml2', 'os_name' : 'Slackware Linux', 'os_version' : 'current', 'service_pack' : '1', 'arch' : 'x86_64' }\n];\n\nforeach constraint (constraints) {\n var pkg_arch = constraint['arch'];\n var arch = NULL;\n if (pkg_arch == \"x86_64\") {\n arch = pkg_arch;\n }\n if (slackware_check(osver:constraint['os_version'],\n arch:arch,\n pkgname:constraint['product'],\n pkgver:constraint['fixed_version'],\n pkgarch:pkg_arch,\n pkgnum:constraint['service_pack'])) flag++;\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : slackware_report_get()\n );\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T18:50:34", "description": "The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5142 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-23T00:00:00", "type": "nessus", "title": "Debian DSA-5142-1 : libxml2 - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-06-03T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "p-cpe:/a:debian:debian_linux:python3-libxml2", "p-cpe:/a:debian:debian_linux:python3-libxml2-dbg", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5142.NASL", "href": "https://www.tenable.com/plugins/nessus/161434", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5142. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161434);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/03\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"Debian DSA-5142-1 : libxml2 - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5142\nadvisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/libxml2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-29824\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/libxml2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/libxml2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the libxml2 packages.\n\nFor the stable distribution (bullseye), this problem has been fixed in version 2.9.10+dfsg-6.7+deb11u2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+|^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0 / 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'libxml2', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'libxml2-dbg', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'libxml2-dev', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'libxml2-doc', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'libxml2-utils', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'python-libxml2', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'python-libxml2-dbg', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'python3-libxml2', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '10.0', 'prefix': 'python3-libxml2-dbg', 'reference': '2.9.4+dfsg1-7+deb10u4'},\n {'release': '11.0', 'prefix': 'libxml2', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'libxml2-dbg', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'libxml2-dev', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'libxml2-doc', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'libxml2-utils', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'python-libxml2', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'python-libxml2-dbg', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'python3-libxml2', 'reference': '2.9.10+dfsg-6.7+deb11u2'},\n {'release': '11.0', 'prefix': 'python3-libxml2-dbg', 'reference': '2.9.10+dfsg-6.7+deb11u2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-dbg / libxml2-dev / libxml2-doc / libxml2-utils / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T18:50:49", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-06-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2022-1901)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-06-17T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1901.NASL", "href": "https://www.tenable.com/plugins/nessus/162335", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162335);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/17\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2022-1901)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1901\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bcdca59d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.1-6.3.h30.eulerosv2r7\",\n \"libxml2-devel-2.9.1-6.3.h30.eulerosv2r7\",\n \"libxml2-python-2.9.1-6.3.h30.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T10:25:27", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5250 advisory.\n\n - libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-01T00:00:00", "type": "nessus", "title": "RHEL 9 : libxml2 (RHSA-2022:5250)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_e4s:9.0", "cpe:/o:redhat:rhel_eus:9.0", "p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:python3-libxml2"], "id": "REDHAT-RHSA-2022-5250.NASL", "href": "https://www.tenable.com/plugins/nessus/162658", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5250. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162658);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2022-29824\");\n script_xref(name:\"RHSA\", value:\"2022:5250\");\n\n script_name(english:\"RHEL 9 : libxml2 (RHSA-2022:5250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5250 advisory.\n\n - libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-29824\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2082158\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2, libxml2-devel and / or python3-libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(190, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libxml2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libxml2-2.9.13-1.el9_0.1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.13-1.el9_0.1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.13-1.el9_0.1', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel9/9.0/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.0/aarch64/appstream/os',\n 'content/e4s/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.0/aarch64/baseos/os',\n 'content/e4s/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.0/ppc64le/sap/os',\n 'content/e4s/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/appstream/debug',\n 'content/e4s/rhel9/9.0/s390x/appstream/os',\n 'content/e4s/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/baseos/debug',\n 'content/e4s/rhel9/9.0/s390x/baseos/os',\n 'content/e4s/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.0/s390x/highavailability/os',\n 'content/e4s/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/s390x/sap/debug',\n 'content/e4s/rhel9/9.0/s390x/sap/os',\n 'content/e4s/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.0/x86_64/appstream/os',\n 'content/e4s/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.0/x86_64/baseos/os',\n 'content/e4s/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/nfv/debug',\n 'content/e4s/rhel9/9.0/x86_64/nfv/os',\n 'content/e4s/rhel9/9.0/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/rt/debug',\n 'content/e4s/rhel9/9.0/x86_64/rt/os',\n 'content/e4s/rhel9/9.0/x86_64/rt/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.0/x86_64/sap/debug',\n 'content/e4s/rhel9/9.0/x86_64/sap/os',\n 'content/e4s/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/appstream/debug',\n 'content/eus/rhel9/9.0/aarch64/appstream/os',\n 'content/eus/rhel9/9.0/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/baseos/debug',\n 'content/eus/rhel9/9.0/aarch64/baseos/os',\n 'content/eus/rhel9/9.0/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.0/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.0/aarch64/highavailability/os',\n 'content/eus/rhel9/9.0/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.0/aarch64/supplementary/os',\n 'content/eus/rhel9/9.0/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.0/ppc64le/appstream/os',\n 'content/eus/rhel9/9.0/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.0/ppc64le/baseos/os',\n 'content/eus/rhel9/9.0/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.0/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.0/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.0/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.0/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/sap/debug',\n 'content/eus/rhel9/9.0/ppc64le/sap/os',\n 'content/eus/rhel9/9.0/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.0/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/appstream/debug',\n 'content/eus/rhel9/9.0/s390x/appstream/os',\n 'content/eus/rhel9/9.0/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/baseos/debug',\n 'content/eus/rhel9/9.0/s390x/baseos/os',\n 'content/eus/rhel9/9.0/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.0/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/highavailability/debug',\n 'content/eus/rhel9/9.0/s390x/highavailability/os',\n 'content/eus/rhel9/9.0/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.0/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/sap/debug',\n 'content/eus/rhel9/9.0/s390x/sap/os',\n 'content/eus/rhel9/9.0/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/s390x/supplementary/debug',\n 'content/eus/rhel9/9.0/s390x/supplementary/os',\n 'content/eus/rhel9/9.0/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/appstream/debug',\n 'content/eus/rhel9/9.0/x86_64/appstream/os',\n 'content/eus/rhel9/9.0/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/baseos/debug',\n 'content/eus/rhel9/9.0/x86_64/baseos/os',\n 'content/eus/rhel9/9.0/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.0/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.0/x86_64/highavailability/os',\n 'content/eus/rhel9/9.0/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.0/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.0/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/sap/debug',\n 'content/eus/rhel9/9.0/x86_64/sap/os',\n 'content/eus/rhel9/9.0/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.0/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.0/x86_64/supplementary/os',\n 'content/eus/rhel9/9.0/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libxml2-2.9.13-1.el9_0.1', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.13-1.el9_0.1', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.13-1.el9_0.1', 'sp':'0', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / python3-libxml2');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T06:26:25", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5317 advisory.\n\n - libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-01T00:00:00", "type": "nessus", "title": "RHEL 8 : libxml2 (RHSA-2022:5317)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:libxml2", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:python3-libxml2"], "id": "REDHAT-RHSA-2022-5317.NASL", "href": "https://www.tenable.com/plugins/nessus/162644", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:5317. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162644);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n script_xref(name:\"RHSA\", value:\"2022:5317\");\n\n script_name(english:\"RHEL 8 : libxml2 (RHSA-2022:5317)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:5317 advisory.\n\n - libxml2: integer overflows in xmlBuf and xmlBuffer lead to out-of-bounds write (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-29824\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:5317\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2082158\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2, libxml2-devel and / or python3-libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(190, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-libxml2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libxml2-2.9.7-13.el8_6.1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.7-13.el8_6.1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.7-13.el8_6.1', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libxml2-2.9.7-13.el8_6.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.7-13.el8_6.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.7-13.el8_6.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / python3-libxml2');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-17T17:07:02", "description": "https://vulners.com/cve/CVE-2022-29824 https://vulners.com/cve/CVE-2022-29824 GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-21T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 4 : libxml2 (IJ42381)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-09-26T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IJ42381.NASL", "href": "https://www.tenable.com/plugins/nessus/165284", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory libxml2_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(165284);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/26\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"AIX 7.2 TL 4 : libxml2 (IJ42381)\");\n script_summary(english:\"Check for APAR IJ42381\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824 GNOME\nlibxml2 is vulnerable to a denial of service, caused by an integer\noverflows in several buffer handling functions in buf.c (xmlBuf*) and\ntree.c (xmlBuffer*). By persuading a victim to open a\nspecially-crafted XML file, a remote attacker could exploit this\nvulnerability to cause a denial of service condition.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"04\", sp:\"04\", patch:\"IJ42381s6a\", package:\"bos.rte.control\", minfilesetver:\"7.2.4.0\", maxfilesetver:\"7.2.4.5\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"04\", sp:\"05\", patch:\"IJ42381s6a\", package:\"bos.rte.control\", minfilesetver:\"7.2.4.0\", maxfilesetver:\"7.2.4.5\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"04\", sp:\"06\", patch:\"IJ42381s6a\", package:\"bos.rte.control\", minfilesetver:\"7.2.4.0\", maxfilesetver:\"7.2.4.5\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T04:29:17", "description": "https://vulners.com/cve/CVE-2022-29824 https://vulners.com/cve/CVE-2022-29824 GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-21T00:00:00", "type": "nessus", "title": "AIX 7.3 TL 0 : libxml2 (IJ42341)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-09-26T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.3"], "id": "AIX_IJ42341.NASL", "href": "https://www.tenable.com/plugins/nessus/165285", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory libxml2_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(165285);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/26\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"AIX 7.3 TL 0 : libxml2 (IJ42341)\");\n script_summary(english:\"Check for APAR IJ42341\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824 GNOME\nlibxml2 is vulnerable to a denial of service, caused by an integer\noverflows in several buffer handling functions in buf.c (xmlBuf*) and\ntree.c (xmlBuffer*). By persuading a victim to open a\nspecially-crafted XML file, a remote attacker could exploit this\nvulnerability to cause a denial of service condition.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.3\", ml:\"00\", sp:\"01\", patch:\"IJ42341s2a\", package:\"bos.rte.control\", minfilesetver:\"7.3.0.0\", maxfilesetver:\"7.3.0.1\") < 0) flag++;\nif (aix_check_ifix(release:\"7.3\", ml:\"00\", sp:\"02\", patch:\"IJ42341s2a\", package:\"bos.rte.control\", minfilesetver:\"7.3.0.0\", maxfilesetver:\"7.3.0.1\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T19:47:51", "description": "The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1848 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-10-10T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : libxml2 (ALAS-2022-1848)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-10-11T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libxml2", "p-cpe:/a:amazon:linux:libxml2-debuginfo", "p-cpe:/a:amazon:linux:libxml2-devel", "p-cpe:/a:amazon:linux:libxml2-python", "p-cpe:/a:amazon:linux:libxml2-static", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2022-1848.NASL", "href": "https://www.tenable.com/plugins/nessus/165991", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2022-1848.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165991);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/11\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"Amazon Linux 2 : libxml2 (ALAS-2022-1848)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by a vulnerability\nas referenced in the ALAS2-2022-1848 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2022-1848.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-29824.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update libxml2' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libxml2-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'libxml2-2.9.1-6.amzn2.5.6', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.1-6.amzn2.5.6', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.1-6.amzn2.5.6', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-debuginfo-2.9.1-6.amzn2.5.6', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-debuginfo-2.9.1-6.amzn2.5.6', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-debuginfo-2.9.1-6.amzn2.5.6', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.amzn2.5.6', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.amzn2.5.6', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.1-6.amzn2.5.6', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.amzn2.5.6', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.amzn2.5.6', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-python-2.9.1-6.amzn2.5.6', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.amzn2.5.6', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.amzn2.5.6', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-static-2.9.1-6.amzn2.5.6', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-debuginfo / libxml2-devel / etc\");\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T15:02:15", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-10-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2022-2622)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-10-28T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2622.NASL", "href": "https://www.tenable.com/plugins/nessus/166628", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166628);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/28\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2022-2622)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2622\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e6390927\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.1-6.3.h25\",\n \"libxml2-devel-2.9.1-6.3.h25\",\n \"libxml2-python-2.9.1-6.3.h25\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T15:21:59", "description": "The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:5250 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : libxml2 (ALSA-2022:5250)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-11-17T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libxml2", "p-cpe:/a:alma:linux:libxml2-devel", "p-cpe:/a:alma:linux:python3-libxml2", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream", "cpe:/o:alma:linux:9::baseos"], "id": "ALMA_LINUX_ALSA-2022-5250.NASL", "href": "https://www.tenable.com/plugins/nessus/167664", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:5250.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167664);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/17\");\n\n script_cve_id(\"CVE-2022-29824\");\n script_xref(name:\"ALSA\", value:\"2022:5250\");\n\n script_name(english:\"AlmaLinux 9 : libxml2 (ALSA-2022:5250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the\nALSA-2022:5250 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2022-5250.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2, libxml2-devel and / or python3-libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(190, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::baseos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'libxml2-2.9.13-1.el9_0.1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.13-1.el9_0.1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.13-1.el9_0.1', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / python3-libxml2');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:05:29", "description": "According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-14T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2022-2093)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-help", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2022-2093.NASL", "href": "https://www.tenable.com/plugins/nessus/163121", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163121);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2022-2093)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2093\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4c16f7cb\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-11.h17.eulerosv2r10\",\n \"libxml2-devel-2.9.10-11.h17.eulerosv2r10\",\n \"libxml2-help-2.9.10-11.h17.eulerosv2r10\",\n \"python3-libxml2-2.9.10-11.h17.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:04:35", "description": "According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-15T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2022-2113)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:libxml2-help", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2022-2113.NASL", "href": "https://www.tenable.com/plugins/nessus/163213", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163213);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2022-2113)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2113\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c04a14dd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-help\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-11.h17.eulerosv2r10\",\n \"libxml2-devel-2.9.10-11.h17.eulerosv2r10\",\n \"libxml2-help-2.9.10-11.h17.eulerosv2r10\",\n \"python3-libxml2-2.9.10-11.h17.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:05:29", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2022-2002)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2002.NASL", "href": "https://www.tenable.com/plugins/nessus/162859", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162859);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2022-2002)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2002\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c5795f94\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-1.h27.eulerosv2r9\",\n \"python3-libxml2-2.9.10-1.h27.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:04:34", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2022-1972)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1972.NASL", "href": "https://www.tenable.com/plugins/nessus/162868", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162868);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2022-1972)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1972\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1354bccf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-1.h27.eulerosv2r9\",\n \"python3-libxml2-2.9.10-1.h27.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:04:13", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-06-22T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : libxml2 (EulerOS-SA-2022-1938)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:libxml2-devel", "p-cpe:/a:huawei:euleros:python2-libxml2", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-1938.NASL", "href": "https://www.tenable.com/plugins/nessus/162443", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162443);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS 2.0 SP8 : libxml2 (EulerOS-SA-2022-1938)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-1938\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6ff16523\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python2-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.8-4.h18.eulerosv2r8\",\n \"libxml2-devel-2.9.8-4.h18.eulerosv2r8\",\n \"python2-libxml2-2.9.8-4.h18.eulerosv2r8\",\n \"python3-libxml2-2.9.8-4.h18.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:04:48", "description": "The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5250 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-07T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : libxml2 (ELSA-2022-5250)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:libxml2", "p-cpe:/a:oracle:linux:libxml2-devel", "p-cpe:/a:oracle:linux:python3-libxml2"], "id": "ORACLELINUX_ELSA-2022-5250.NASL", "href": "https://www.tenable.com/plugins/nessus/162794", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-5250.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162794);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"Oracle Linux 9 : libxml2 (ELSA-2022-5250)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-5250 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-5250.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2, libxml2-devel and / or python3-libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libxml2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'libxml2-2.9.13-1.el9_0.1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.13-1.el9_0.1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.13-1.el9_0.1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.13-1.el9_0.1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.13-1.el9_0.1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.13-1.el9_0.1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.13-1.el9_0.1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.13-1.el9_0.1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / python3-libxml2');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:07:27", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2022-2162)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2162.NASL", "href": "https://www.tenable.com/plugins/nessus/163556", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163556);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2022-2162)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2162\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ef7417dd\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-11.h17.eulerosv2r10\",\n \"python3-libxml2-2.9.10-11.h17.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:06:51", "description": "According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-29T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2022-2137)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2137.NASL", "href": "https://www.tenable.com/plugins/nessus/163630", "sourceData": "##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163630);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2022-2137)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2137\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3b7b374c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-11.h17.eulerosv2r10\",\n \"python3-libxml2-2.9.10-11.h17.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:09:11", "description": "According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-24T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : libxml2 (EulerOS-SA-2022-2390)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2022-2390.NASL", "href": "https://www.tenable.com/plugins/nessus/165406", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165406);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : libxml2 (EulerOS-SA-2022-2390)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2390\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3d71a63b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-1.h27.eulerosv2r9\",\n \"python3-libxml2-2.9.10-1.h27.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:05:12", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-5317 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-07-01T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : libxml2 (ELSA-2022-5317)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:libxml2", "p-cpe:/a:oracle:linux:libxml2-devel", "p-cpe:/a:oracle:linux:python3-libxml2"], "id": "ORACLELINUX_ELSA-2022-5317.NASL", "href": "https://www.tenable.com/plugins/nessus/162684", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-5317.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162684);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"Oracle Linux 8 : libxml2 (ELSA-2022-5317)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-5317 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-5317.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2, libxml2-devel and / or python3-libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-libxml2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'libxml2-2.9.7-13.el8_6.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.7-13.el8_6.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-2.9.7-13.el8_6.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.7-13.el8_6.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.7-13.el8_6.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libxml2-devel-2.9.7-13.el8_6.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.7-13.el8_6.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-libxml2-2.9.7-13.el8_6.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-devel / python3-libxml2');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-23T23:07:48", "description": "According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-23T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2022-2354)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2023-03-23T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxml2", "p-cpe:/a:huawei:euleros:python3-libxml2", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2022-2354.NASL", "href": "https://www.tenable.com/plugins/nessus/165385", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165385);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/23\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : libxml2 (EulerOS-SA-2022-2354)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2354\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4038d7a0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxml2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libxml2-2.9.10-1.h27.eulerosv2r9\",\n \"python3-libxml2-2.9.10-1.h27.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-19T21:53:41", "description": "https://vulners.com/cve/CVE-2022-29824 https://vulners.com/cve/CVE-2022-29824 GNOME libxml2 is vulnerable to a denial of service, caused by an integer overflows in several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*). By persuading a victim to open a specially-crafted XML file, a remote attacker could exploit this vulnerability to cause a denial of service condition.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-09-21T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 5 : libxml2 (IJ42339)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-12-14T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IJ42339.NASL", "href": "https://www.tenable.com/plugins/nessus/165283", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory libxml2_advisory3.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(165283);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/14\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"AIX 7.2 TL 5 : libxml2 (IJ42339)\");\n script_summary(english:\"Check for APAR IJ42339\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29824 GNOME\nlibxml2 is vulnerable to a denial of service, caused by an integer\noverflows in several buffer handling functions in buf.c (xmlBuf*) and\ntree.c (xmlBuffer*). By persuading a victim to open a\nspecially-crafted XML file, a remote attacker could exploit this\nvulnerability to cause a denial of service condition.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/libxml2_advisory3.asc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"02\", patch:\"IJ42339s2a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.0\", maxfilesetver:\"7.2.5.4\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"02\", patch:\"IJ42339s2a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.100\", maxfilesetver:\"7.2.5.101\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"02\", patch:\"IJ42339s2a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.200\", maxfilesetver:\"7.2.5.200\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"03\", patch:\"IJ42339s4a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.0\", maxfilesetver:\"7.2.5.4\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"03\", patch:\"IJ42339s4a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.100\", maxfilesetver:\"7.2.5.101\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"03\", patch:\"IJ42339s4a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.200\", maxfilesetver:\"7.2.5.200\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"04\", patch:\"IJ42339s4a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.0\", maxfilesetver:\"7.2.5.4\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"04\", patch:\"IJ42339s4a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.100\", maxfilesetver:\"7.2.5.101\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"04\", patch:\"IJ42339s4a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.200\", maxfilesetver:\"7.2.5.200\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"05\", patch:\"IJ42339s5a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.0\", maxfilesetver:\"7.2.5.4\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"05\", patch:\"IJ42339s5a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.100\", maxfilesetver:\"7.2.5.101\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"05\", sp:\"05\", patch:\"IJ42339s5a\", package:\"bos.rte.control\", minfilesetver:\"7.2.5.200\", maxfilesetver:\"7.2.5.200\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-18T16:38:37", "description": "The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3012 advisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2022-05-17T00:00:00", "type": "nessus", "title": "Debian DLA-3012-1 : libxml2 - LTS security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-29824"], "modified": "2022-06-03T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:libxml2-utils-dbg", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "p-cpe:/a:debian:debian_linux:python3-libxml2", "p-cpe:/a:debian:debian_linux:python3-libxml2-dbg", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-3012.NASL", "href": "https://www.tenable.com/plugins/nessus/161243", "sourceData": "#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3012. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161243);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/03\");\n\n script_cve_id(\"CVE-2022-29824\");\n\n script_name(english:\"Debian DLA-3012-1 : libxml2 - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3012\nadvisory.\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010526\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/libxml2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-29824\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/libxml2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the libxml2 packages.\n\nFor Debian 9 stretch, this problem has been fixed in version 2.9.4+dfsg1-2.2+deb9u7.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/05/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'libxml2', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'libxml2-dbg', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'libxml2-dev', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'libxml2-doc', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'libxml2-utils', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'libxml2-utils-dbg', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'python-libxml2', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'python-libxml2-dbg', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'python3-libxml2', 'reference': '2.9.4+dfsg1-2.2+deb9u7'},\n {'release': '9.0', 'prefix': 'python3-libxml2-dbg', 'reference': '2.9.4+dfsg1-2.2+deb9u7'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libxml2 / libxml2-dbg / libxml2-dev / libxml2-doc / libxml2-utils / etc');\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:40:37", "description": "CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name.\n\nCVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 2.8.0+dfsg1-7+wheezy11.\n\nWe recommend that you upgrade your libxml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-12-01T00:00:00", "type": "nessus", "title": "Debian DLA-1194-1 : libxml2 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-16931", "CVE-2017-16932"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxml2", "p-cpe:/a:debian:debian_linux:libxml2-dbg", "p-cpe:/a:debian:debian_linux:libxml2-dev", "p-cpe:/a:debian:debian_linux:libxml2-doc", "p-cpe:/a:debian:debian_linux:libxml2-utils", "p-cpe:/a:debian:debian_linux:libxml2-utils-dbg", "p-cpe:/a:debian:debian_linux:python-libxml2", "p-cpe:/a:debian:debian_linux:python-libxml2-dbg", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-1194.NASL", "href": "https://www.tenable.com/plugins/nessus/104936", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1194-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(104936);\n script_version(\"3.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-16931\", \"CVE-2017-16932\");\n\n script_name(english:\"Debian DLA-1194-1 : libxml2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles\nparameter-entity references because the NEXTL macro calls the\nxmlParserHandlePEReference function in the case of a '%' character in\na DTD name.\n\nCVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent\ninfinite recursion in parameter entities.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n2.8.0+dfsg1-7+wheezy11.\n\nWe recommend that you upgrade your libxml2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/11/msg00041.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/libxml2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2-utils-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxml2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxml2\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-dev\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-doc\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxml2-utils-dbg\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"python-libxml2-dbg\", reference:\"2.8.0+dfsg1-7+wheezy11\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-19T04:32:50", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1750-1 advisory.\n\n - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. (CVE-2022-23308)\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-20T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2022:1750-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23308", "CVE-2022-29824"], "modified": "2023-02-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxml2-2", "p-cpe:/a:novell:suse_linux:libxml2-2-32bit", "p-cpe:/a:novell:suse_linux:libxml2-devel", "p-cpe:/a:novell:suse_linux:libxml2-tools", "p-cpe:/a:novell:suse_linux:python2-libxml2-python", "p-cpe:/a:novell:suse_linux:python3-libxml2-python", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-1750-1.NASL", "href": "https://www.tenable.com/plugins/nessus/161390", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:1750-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161390);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2022-23308\", \"CVE-2022-29824\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:1750-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libxml2 (SUSE-SU-2022:1750-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:1750-1 advisory.\n\n - valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes. (CVE-2022-23308)\n\n - In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*)\n don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a\n victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for\n example libxslt through 1.1.35, is affected as well. (CVE-2022-29824)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1199132\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-May/011098.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ef6f4f87\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-23308\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-29824\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-29824\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-23308\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxml2-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python2-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.3|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1|2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1/2/3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15', 'SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-python2-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-python2-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15', 'sles-ltss-release-15']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-15', 'SLE_HPC-LTSS-release-15']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'libxml2-2-32bit-2.9.7-150000.3.46.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'libxml2-devel-32bit-2.9.7-150000.3.46.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'libxml2-doc-2.9.7-150000.3.46.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'0', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'python2-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'python3-libxml2-python-2.9.7-150000.3.46.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libxml2-2-2.9.7-150000.3.46.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'libxml2-devel-2.9.7-150000.3.46.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'libxml2-tools-2.9.7-150000.3.46.1', 'sp':'2', 'release':'SLES