Lucene search

K
oraclelinuxOracleLinuxELSA-2021-3956
HistoryOct 25, 2021 - 12:00 a.m.

xstream security update

2021-10-2500:00:00
linux.oracle.com
25

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

[1.3.1-16]

  • Fix workaround
  • Resolves: CVE-2021-39148
    [1.3.1-15]
  • Fix remote code execution vulnerabilities
  • Resolves: CVE-2021-39139
  • Resolves: CVE-2021-39140
  • Resolves: CVE-2021-39141
  • Resolves: CVE-2021-39144
  • Resolves: CVE-2021-39145
  • Resolves: CVE-2021-39146
  • Resolves: CVE-2021-39147
  • Resolves: CVE-2021-39148
  • Resolves: CVE-2021-39149
  • Resolves: CVE-2021-39150
  • Resolves: CVE-2021-39151
  • Resolves: CVE-2021-39152
  • Resolves: CVE-2021-39153
  • Resolves: CVE-2021-39154

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P