(RHSA-2021:0799) Moderate: OpenShift Virtualization 2.6.0 security and bug fix update

2021-03-10T08:47:39

Description

OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains the following OpenShift Virtualization 2.6.0 images: RHEL-8-CNV-2.6 ============== kubevirt-cpu-node-labeller-container-v2.6.0-5 kubevirt-cpu-model-nfd-plugin-container-v2.6.0-5 node-maintenance-operator-container-v2.6.0-13 kubevirt-vmware-container-v2.6.0-5 virtio-win-container-v2.6.0-5 kubevirt-kvm-info-nfd-plugin-container-v2.6.0-5 bridge-marker-container-v2.6.0-9 kubevirt-template-validator-container-v2.6.0-9 kubevirt-v2v-conversion-container-v2.6.0-6 kubemacpool-container-v2.6.0-13 kubevirt-ssp-operator-container-v2.6.0-40 hyperconverged-cluster-webhook-container-v2.6.0-73 hyperconverged-cluster-operator-container-v2.6.0-73 ovs-cni-plugin-container-v2.6.0-10 cnv-containernetworking-plugins-container-v2.6.0-10 ovs-cni-marker-container-v2.6.0-10 cluster-network-addons-operator-container-v2.6.0-16 hostpath-provisioner-container-v2.6.0-11 hostpath-provisioner-operator-container-v2.6.0-14 vm-import-virtv2v-container-v2.6.0-21 kubernetes-nmstate-handler-container-v2.6.0-19 vm-import-controller-container-v2.6.0-21 vm-import-operator-container-v2.6.0-21 virt-api-container-v2.6.0-111 virt-controller-container-v2.6.0-111 virt-handler-container-v2.6.0-111 virt-operator-container-v2.6.0-111 virt-launcher-container-v2.6.0-111 cnv-must-gather-container-v2.6.0-54 virt-cdi-importer-container-v2.6.0-24 virt-cdi-cloner-container-v2.6.0-24 virt-cdi-controller-container-v2.6.0-24 virt-cdi-uploadserver-container-v2.6.0-24 virt-cdi-apiserver-container-v2.6.0-24 virt-cdi-uploadproxy-container-v2.6.0-24 virt-cdi-operator-container-v2.6.0-24 hco-bundle-registry-container-v2.6.0-582 Security Fix(es): * golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283) * golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652) * gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) * golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586) * golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845) * jwt-go: access restriction bypass vulnerability (CVE-2020-26160) * golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813) * golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362) * containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

{"id": "RHSA-2021:0799", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2021:0799) Moderate: OpenShift Virtualization 2.6.0 security and bug fix update", "description": "OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 2.6.0 images:\n\nRHEL-8-CNV-2.6\n==============\nkubevirt-cpu-node-labeller-container-v2.6.0-5\nkubevirt-cpu-model-nfd-plugin-container-v2.6.0-5\nnode-maintenance-operator-container-v2.6.0-13\nkubevirt-vmware-container-v2.6.0-5\nvirtio-win-container-v2.6.0-5\nkubevirt-kvm-info-nfd-plugin-container-v2.6.0-5\nbridge-marker-container-v2.6.0-9\nkubevirt-template-validator-container-v2.6.0-9\nkubevirt-v2v-conversion-container-v2.6.0-6\nkubemacpool-container-v2.6.0-13\nkubevirt-ssp-operator-container-v2.6.0-40\nhyperconverged-cluster-webhook-container-v2.6.0-73\nhyperconverged-cluster-operator-container-v2.6.0-73\novs-cni-plugin-container-v2.6.0-10\ncnv-containernetworking-plugins-container-v2.6.0-10\novs-cni-marker-container-v2.6.0-10\ncluster-network-addons-operator-container-v2.6.0-16\nhostpath-provisioner-container-v2.6.0-11\nhostpath-provisioner-operator-container-v2.6.0-14\nvm-import-virtv2v-container-v2.6.0-21\nkubernetes-nmstate-handler-container-v2.6.0-19\nvm-import-controller-container-v2.6.0-21\nvm-import-operator-container-v2.6.0-21\nvirt-api-container-v2.6.0-111\nvirt-controller-container-v2.6.0-111\nvirt-handler-container-v2.6.0-111\nvirt-operator-container-v2.6.0-111\nvirt-launcher-container-v2.6.0-111\ncnv-must-gather-container-v2.6.0-54\nvirt-cdi-importer-container-v2.6.0-24\nvirt-cdi-cloner-container-v2.6.0-24\nvirt-cdi-controller-container-v2.6.0-24\nvirt-cdi-uploadserver-container-v2.6.0-24\nvirt-cdi-apiserver-container-v2.6.0-24\nvirt-cdi-uploadproxy-container-v2.6.0-24\nvirt-cdi-operator-container-v2.6.0-24\nhco-bundle-registry-container-v2.6.0-582\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\n* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2021-03-10T08:47:39", "modified": "2021-03-10T08:48:38", "epss": [{"cve": "CVE-2018-10103", "epss": 0.01245, "percentile": 0.83886, "modified": "2023-12-03"}, {"cve": "CVE-2018-10105", "epss": 0.01245, "percentile": 0.83886, "modified": "2023-12-03"}, {"cve": "CVE-2018-14461", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14462", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14463", "epss": 0.00331, "percentile": 0.67787, "modified": "2023-12-03"}, {"cve": "CVE-2018-14464", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14465", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14466", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14467", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14468", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14469", "epss": 0.00331, "percentile": 0.67787, "modified": "2023-12-03"}, {"cve": "CVE-2018-14470", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14879", "epss": 0.00205, "percentile": 0.5815, "modified": "2023-12-03"}, {"cve": "CVE-2018-14880", "epss": 0.00331, "percentile": 0.67787, "modified": "2023-12-03"}, {"cve": "CVE-2018-14881", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-14882", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-16227", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-16228", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-16229", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-16230", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-16300", "epss": 0.00785, "percentile": 0.79348, "modified": "2023-12-03"}, {"cve": "CVE-2018-16451", "epss": 0.00327, "percentile": 0.67513, "modified": "2023-12-03"}, {"cve": "CVE-2018-16452", "epss": 0.00785, "percentile": 0.79348, "modified": "2023-12-03"}, {"cve": "CVE-2018-20843", "epss": 0.6091, "percentile": 0.97475, "modified": "2023-12-03"}, {"cve": "CVE-2019-11068", "epss": 0.00188, "percentile": 0.56063, "modified": "2023-12-03"}, {"cve": "CVE-2019-13050", "epss": 0.01042, "percentile": 0.82218, "modified": "2023-12-03"}, {"cve": "CVE-2019-13627", "epss": 0.0021, "percentile": 0.58672, "modified": "2023-12-03"}, {"cve": "CVE-2019-14559", "epss": 0.00104, "percentile": 0.42092, "modified": "2023-12-03"}, {"cve": "CVE-2019-14889", "epss": 0.00734, "percentile": 0.78584, "modified": "2023-12-03"}, {"cve": "CVE-2019-15165", "epss": 0.00725, "percentile": 0.7844, "modified": "2023-12-03"}, {"cve": "CVE-2019-15166", "epss": 0.00931, "percentile": 0.81163, "modified": "2023-12-03"}, {"cve": "CVE-2019-15903", "epss": 0.00365, "percentile": 0.69283, "modified": "2023-12-03"}, {"cve": "CVE-2019-16168", "epss": 0.00578, "percentile": 0.75455, "modified": "2023-12-03"}, {"cve": "CVE-2019-16935", "epss": 0.00217, "percentile": 0.59447, "modified": "2023-12-03"}, {"cve": "CVE-2019-17450", "epss": 0.00715, "percentile": 0.78245, "modified": "2023-12-03"}, {"cve": "CVE-2019-18197", "epss": 0.00804, "percentile": 0.79667, "modified": "2023-12-03"}, {"cve": "CVE-2019-19221", "epss": 0.00076, "percentile": 0.31182, "modified": "2023-12-03"}, {"cve": "CVE-2019-19906", "epss": 0.0065, "percentile": 0.76997, "modified": "2023-12-03"}, {"cve": "CVE-2019-19956", "epss": 0.00437, "percentile": 0.71802, "modified": "2023-12-03"}, {"cve": "CVE-2019-20218", "epss": 0.01, "percentile": 0.81844, "modified": "2023-12-03"}, {"cve": "CVE-2019-20387", "epss": 0.00185, "percentile": 0.55509, "modified": "2023-12-03"}, {"cve": "CVE-2019-20388", "epss": 0.00797, "percentile": 0.79569, "modified": "2023-12-03"}, {"cve": "CVE-2019-20454", "epss": 0.0038, "percentile": 0.69843, "modified": "2023-12-03"}, {"cve": "CVE-2019-20807", "epss": 0.00048, "percentile": 0.14652, "modified": "2023-12-03"}, {"cve": "CVE-2019-20907", "epss": 0.01108, "percentile": 0.82788, "modified": "2023-12-03"}, {"cve": "CVE-2019-20916", "epss": 0.00254, "percentile": 0.63078, "modified": "2023-12-03"}, {"cve": "CVE-2019-5018", "epss": 0.11198, "percentile": 0.94601, "modified": "2023-12-03"}, {"cve": "CVE-2019-8625", "epss": 0.00132, "percentile": 0.47934, "modified": "2023-12-03"}, {"cve": "CVE-2019-8710", "epss": 0.00306, "percentile": 0.66386, "modified": "2023-12-03"}, {"cve": "CVE-2019-8720", "epss": 0.00576, "percentile": 0.75422, "modified": "2023-12-03"}, {"cve": "CVE-2019-8743", "epss": 0.00306, "percentile": 0.66386, "modified": "2023-12-03"}, {"cve": "CVE-2019-8764", "epss": 0.00217, "percentile": 0.59444, "modified": "2023-12-03"}, {"cve": "CVE-2019-8766", "epss": 0.00569, "percentile": 0.75256, "modified": "2023-12-03"}, {"cve": "CVE-2019-8769", "epss": 0.00076, "percentile": 0.31198, "modified": "2023-12-03"}, {"cve": "CVE-2019-8771", "epss": 0.00084, "percentile": 0.35083, "modified": "2023-12-03"}, {"cve": "CVE-2019-8782", "epss": 0.00875, "percentile": 0.80517, "modified": "2023-12-03"}, {"cve": "CVE-2019-8783", "epss": 0.01995, "percentile": 0.87512, "modified": "2023-12-03"}, {"cve": "CVE-2019-8808", "epss": 0.00875, "percentile": 0.80517, "modified": "2023-12-03"}, {"cve": "CVE-2019-8811", "epss": 0.01094, "percentile": 0.82677, "modified": "2023-12-03"}, {"cve": "CVE-2019-8812", "epss": 0.00875, "percentile": 0.80517, "modified": "2023-12-03"}, {"cve": "CVE-2019-8813", "epss": 0.00257, "percentile": 0.63246, "modified": "2023-12-03"}, {"cve": "CVE-2019-8814", "epss": 0.00909, "percentile": 0.80912, "modified": "2023-12-03"}, {"cve": "CVE-2019-8815", "epss": 0.00909, "percentile": 0.80912, "modified": "2023-12-03"}, {"cve": "CVE-2019-8816", "epss": 0.00993, "percentile": 0.81791, "modified": "2023-12-03"}, {"cve": "CVE-2019-8819", "epss": 0.01995, "percentile": 0.87512, "modified": "2023-12-03"}, {"cve": "CVE-2019-8820", "epss": 0.79289, "percentile": 0.97969, "modified": "2023-12-03"}, {"cve": "CVE-2019-8823", "epss": 0.01995, "percentile": 0.87512, "modified": "2023-12-03"}, {"cve": "CVE-2019-8835", "epss": 0.00483, "percentile": 0.73126, "modified": "2023-12-03"}, {"cve": "CVE-2019-8844", "epss": 0.00642, "percentile": 0.76826, "modified": "2023-12-03"}, {"cve": "CVE-2019-8846", "epss": 0.00425, "percentile": 0.71414, "modified": "2023-12-03"}, {"cve": "CVE-2020-10018", "epss": 0.01224, "percentile": 0.83709, "modified": "2023-12-03"}, {"cve": "CVE-2020-10029", "epss": 0.00063, "percentile": 0.25148, "modified": "2023-12-03"}, {"cve": "CVE-2020-11793", "epss": 0.01336, "percentile": 0.84489, "modified": "2023-12-03"}, {"cve": "CVE-2020-12321", "epss": 0.0007, "percentile": 0.29041, "modified": "2023-12-03"}, {"cve": "CVE-2020-12400", "epss": 0.00045, "percentile": 0.12279, "modified": "2023-12-03"}, {"cve": "CVE-2020-12403", "epss": 0.00202, "percentile": 0.57882, "modified": "2023-12-03"}, {"cve": "CVE-2020-13630", "epss": 0.00059, "percentile": 0.23016, "modified": "2023-12-03"}, {"cve": "CVE-2020-13631", "epss": 0.00053, "percentile": 0.18845, "modified": "2023-12-03"}, {"cve": "CVE-2020-13632", "epss": 0.00046, "percentile": 0.14047, "modified": "2023-12-03"}, {"cve": "CVE-2020-14040", "epss": 0.00116, "percentile": 0.45178, "modified": "2023-12-03"}, {"cve": "CVE-2020-14351", "epss": 0.00092, "percentile": 0.38575, "modified": "2023-12-03"}, {"cve": "CVE-2020-14382", "epss": 0.00091, "percentile": 0.38268, "modified": "2023-12-03"}, {"cve": "CVE-2020-14391", "epss": 0.00042, "percentile": 0.0573, "modified": "2023-12-03"}, {"cve": "CVE-2020-14422", "epss": 0.01159, "percentile": 0.83203, "modified": "2023-12-03"}, {"cve": "CVE-2020-15503", "epss": 0.00769, "percentile": 0.79104, "modified": "2023-12-03"}, {"cve": "CVE-2020-15586", "epss": 0.01002, "percentile": 0.81869, "modified": "2023-12-03"}, {"cve": "CVE-2020-15999", "epss": 0.05294, "percentile": 0.92216, "modified": "2023-12-03"}, {"cve": "CVE-2020-16845", "epss": 0.05443, "percentile": 0.92338, "modified": "2023-12-03"}, {"cve": "CVE-2020-1730", "epss": 0.00329, "percentile": 0.67665, "modified": "2023-12-03"}, {"cve": "CVE-2020-1751", "epss": 0.00045, "percentile": 0.12178, "modified": "2023-12-03"}, {"cve": "CVE-2020-1752", "epss": 0.00099, "percentile": 0.40397, "modified": "2023-12-03"}, {"cve": "CVE-2020-1971", "epss": 0.00404, "percentile": 0.70733, "modified": "2023-12-03"}, {"cve": "CVE-2020-24659", "epss": 0.00385, "percentile": 0.70049, "modified": "2023-12-03"}, {"cve": "CVE-2020-25681", "epss": 0.15937, "percentile": 0.95396, "modified": "2023-12-03"}, {"cve": "CVE-2020-25682", "epss": 0.10872, "percentile": 0.94532, "modified": "2023-12-03"}, {"cve": "CVE-2020-25683", "epss": 0.08665, "percentile": 0.93845, "modified": "2023-12-03"}, {"cve": "CVE-2020-25684", "epss": 0.00831, "percentile": 0.79981, "modified": "2023-12-03"}, {"cve": "CVE-2020-25685", "epss": 0.00394, "percentile": 0.70396, "modified": "2023-12-03"}, {"cve": "CVE-2020-25686", "epss": 0.00378, "percentile": 0.69788, "modified": "2023-12-03"}, {"cve": "CVE-2020-25687", "epss": 0.08665, "percentile": 0.93845, "modified": "2023-12-03"}, {"cve": "CVE-2020-25705", "epss": 0.00303, "percentile": 0.66186, "modified": "2023-12-03"}, {"cve": "CVE-2020-26160", "epss": 0.00193, "percentile": 0.56914, "modified": "2023-12-03"}, {"cve": "CVE-2020-27813", "epss": 0.00296, "percentile": 0.65854, "modified": "2023-12-03"}, {"cve": "CVE-2020-28362", "epss": 0.00442, "percentile": 0.71949, "modified": "2023-12-03"}, {"cve": "CVE-2020-29652", "epss": 0.00542, "percentile": 0.74643, "modified": "2023-12-03"}, {"cve": "CVE-2020-29661", "epss": 0.00046, "percentile": 0.12801, "modified": "2023-12-03"}, {"cve": "CVE-2020-3862", "epss": 0.00168, "percentile": 0.53367, "modified": "2023-12-03"}, {"cve": "CVE-2020-3864", "epss": 0.00045, "percentile": 0.12178, "modified": "2023-12-03"}, {"cve": "CVE-2020-3865", "epss": 0.00338, "percentile": 0.68097, "modified": "2023-12-03"}, {"cve": "CVE-2020-3867", "epss": 0.00159, "percentile": 0.5226, "modified": "2023-12-03"}, {"cve": "CVE-2020-3868", "epss": 0.00255, "percentile": 0.63108, "modified": "2023-12-03"}, {"cve": "CVE-2020-3885", "epss": 0.00188, "percentile": 0.56036, "modified": "2023-12-03"}, {"cve": "CVE-2020-3894", "epss": 0.01253, "percentile": 0.83937, "modified": "2023-12-03"}, {"cve": "CVE-2020-3895", "epss": 0.00784, "percentile": 0.79346, "modified": "2023-12-03"}, {"cve": "CVE-2020-3897", "epss": 0.0115, "percentile": 0.83125, "modified": "2023-12-03"}, {"cve": "CVE-2020-3899", "epss": 0.00856, "percentile": 0.80276, "modified": "2023-12-03"}, {"cve": "CVE-2020-3900", "epss": 0.00784, "percentile": 0.79346, "modified": "2023-12-03"}, {"cve": "CVE-2020-3901", "epss": 0.00775, "percentile": 0.79217, "modified": "2023-12-03"}, {"cve": "CVE-2020-3902", "epss": 0.00499, "percentile": 0.73548, "modified": "2023-12-03"}, {"cve": "CVE-2020-6405", "epss": 0.00599, "percentile": 0.75907, "modified": "2023-12-03"}, {"cve": "CVE-2020-6829", "epss": 0.00117, "percentile": 0.45226, "modified": "2023-12-03"}, {"cve": "CVE-2020-7595", "epss": 0.00641, "percentile": 0.76799, "modified": "2023-12-03"}, {"cve": "CVE-2020-8492", "epss": 0.00763, "percentile": 0.79016, "modified": "2023-12-03"}, {"cve": "CVE-2020-8619", "epss": 0.00318, "percentile": 0.67081, "modified": "2023-12-03"}, {"cve": "CVE-2020-8622", "epss": 0.00425, "percentile": 0.71412, "modified": "2023-12-03"}, {"cve": "CVE-2020-8623", "epss": 0.023, "percentile": 0.88463, "modified": "2023-12-03"}, {"cve": "CVE-2020-8624", "epss": 0.00293, "percentile": 0.65671, "modified": "2023-12-03"}, {"cve": "CVE-2020-9283", "epss": 0.23407, "percentile": 0.96078, "modified": "2023-12-03"}, {"cve": "CVE-2020-9327", "epss": 0.00817, "percentile": 0.79807, "modified": "2023-12-03"}, {"cve": "CVE-2020-9802", "epss": 0.54595, "percentile": 0.97311, "modified": "2023-12-03"}, {"cve": "CVE-2020-9803", "epss": 0.00554, "percentile": 0.74904, "modified": "2023-12-03"}, {"cve": "CVE-2020-9805", "epss": 0.00263, "percentile": 0.63681, "modified": "2023-12-03"}, {"cve": "CVE-2020-9806", "epss": 0.00557, "percentile": 0.74957, "modified": "2023-12-03"}, {"cve": "CVE-2020-9807", "epss": 0.00557, "percentile": 0.74957, "modified": "2023-12-03"}, {"cve": "CVE-2020-9843", "epss": 0.0033, "percentile": 0.67768, "modified": "2023-12-03"}, {"cve": "CVE-2020-9850", "epss": 0.4265, "percentile": 0.96963, "modified": "2023-12-03"}, {"cve": "CVE-2020-9862", "epss": 0.0013, "percentile": 0.47506, "modified": "2023-12-03"}, {"cve": "CVE-2020-9893", "epss": 0.01147, "percentile": 0.83102, "modified": "2023-12-03"}, {"cve": "CVE-2020-9894", "epss": 0.00425, "percentile": 0.71395, "modified": "2023-12-03"}, {"cve": "CVE-2020-9895", "epss": 0.02359, "percentile": 0.88597, "modified": "2023-12-03"}, {"cve": "CVE-2020-9915", "epss": 0.00251, "percentile": 0.62768, "modified": "2023-12-03"}, {"cve": "CVE-2020-9925", "epss": 0.00265, "percentile": 0.63886, "modified": "2023-12-03"}, {"cve": "CVE-2021-20206", "epss": 0.00194, "percentile": 0.5697, "modified": "2023-12-03"}, {"cve": "CVE-2021-3121", "epss": 0.00829, "percentile": 0.79962, "modified": "2023-12-03"}, {"cve": "CVE-2021-3156", "epss": 0.96575, "percentile": 0.99509, "modified": "2023-12-03"}], "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "baseScore": 9.3}, "severity": "HIGH", "exploitabilityScore": 8.6, "impactScore": 10.0, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://access.redhat.com/errata/RHSA-2021:0799", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-20843", "CVE-2019-11068", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14559", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-18197", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20807", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-11793", "CVE-2020-12321", "CVE-2020-12400", "CVE-2020-12403", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14040", "CVE-2020-14351", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15503", "CVE-2020-15586", "CVE-2020-15999", "CVE-2020-16845", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24659", "CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687", "CVE-2020-25705", "CVE-2020-26160", "CVE-2020-27813", "CVE-2020-28362", "CVE-2020-29652", "CVE-2020-29661", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-6829", "CVE-2020-7595", "CVE-2020-8492", "CVE-2020-8619", "CVE-2020-8622", "CVE-2020-8623", "CVE-2020-8624", "CVE-2020-9283", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2021-20206", "CVE-2021-3121", "CVE-2021-3156"], "immutableFields": [], "lastseen": "2023-12-03T20:41:19", "viewCount": 39, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": ["BIND_ADVISORY18.ASC", "OPENSSL_ADVISORY32.ASC", "TCPDUMP_ADVISORY5.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:3662", "ALSA-2020:4432", "ALSA-2020:4433", "ALSA-2020:4442", "ALSA-2020:4443", "ALSA-2020:4451", "ALSA-2020:4453", "ALSA-2020:4464", "ALSA-2020:4465", "ALSA-2020:4479", "ALSA-2020:4482", "ALSA-2020:4484", "ALSA-2020:4490", "ALSA-2020:4497", "ALSA-2020:4508", "ALSA-2020:4539", "ALSA-2020:4542", "ALSA-2020:4545", "ALSA-2020:4547", "ALSA-2020:4641", "ALSA-2020:4654", "ALSA-2020:4694", "ALSA-2020:4760", "ALSA-2020:4805", "ALSA-2020:4846", "ALSA-2020:4952", "ALSA-2020:5476", "ALSA-2020:5479", "ALSA-2020:5483", "ALSA-2020:5493", "ALSA-2021:0150", "ALSA-2021:0218", "ALSA-2021:0538", "ALSA-2021:0558", "ALSA-2021:1796", "ALSA-2021:1968"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2018-10103", "ALPINE:CVE-2018-10105", "ALPINE:CVE-2018-14461", "ALPINE:CVE-2018-14462", "ALPINE:CVE-2018-14463", "ALPINE:CVE-2018-14464", "ALPINE:CVE-2018-14465", "ALPINE:CVE-2018-14466", "ALPINE:CVE-2018-14467", "ALPINE:CVE-2018-14468", "ALPINE:CVE-2018-14469", "ALPINE:CVE-2018-14470", "ALPINE:CVE-2018-14879", "ALPINE:CVE-2018-14880", "ALPINE:CVE-2018-14881", "ALPINE:CVE-2018-14882", "ALPINE:CVE-2018-16227", "ALPINE:CVE-2018-16228", "ALPINE:CVE-2018-16229", "ALPINE:CVE-2018-16230", "ALPINE:CVE-2018-16300", "ALPINE:CVE-2018-16451", "ALPINE:CVE-2018-16452", "ALPINE:CVE-2018-20843", "ALPINE:CVE-2019-11068", "ALPINE:CVE-2019-13627", "ALPINE:CVE-2019-14889", "ALPINE:CVE-2019-15165", "ALPINE:CVE-2019-15166", "ALPINE:CVE-2019-15167", "ALPINE:CVE-2019-15903", "ALPINE:CVE-2019-16168", "ALPINE:CVE-2019-16935", "ALPINE:CVE-2019-18197", "ALPINE:CVE-2019-19906", "ALPINE:CVE-2019-19956", "ALPINE:CVE-2019-20218", "ALPINE:CVE-2019-20388", "ALPINE:CVE-2019-20907", "ALPINE:CVE-2019-5018", "ALPINE:CVE-2019-8625", "ALPINE:CVE-2019-8710", "ALPINE:CVE-2019-8720", "ALPINE:CVE-2019-8743", "ALPINE:CVE-2019-8764", "ALPINE:CVE-2019-8766", "ALPINE:CVE-2019-8769", "ALPINE:CVE-2019-8771", "ALPINE:CVE-2019-8782", "ALPINE:CVE-2019-8783", "ALPINE:CVE-2019-8811", "ALPINE:CVE-2019-8812", "ALPINE:CVE-2019-8813", "ALPINE:CVE-2019-8814", "ALPINE:CVE-2019-8815", "ALPINE:CVE-2019-8816", "ALPINE:CVE-2019-8819", "ALPINE:CVE-2019-8820", "ALPINE:CVE-2019-8823", "ALPINE:CVE-2019-8835", "ALPINE:CVE-2019-8844", "ALPINE:CVE-2019-8846", "ALPINE:CVE-2020-10018", "ALPINE:CVE-2020-11793", "ALPINE:CVE-2020-12400", "ALPINE:CVE-2020-12403", "ALPINE:CVE-2020-13630", "ALPINE:CVE-2020-13631", "ALPINE:CVE-2020-13632", "ALPINE:CVE-2020-14382", "ALPINE:CVE-2020-14422", "ALPINE:CVE-2020-15503", "ALPINE:CVE-2020-15586", "ALPINE:CVE-2020-15999", "ALPINE:CVE-2020-16845", "ALPINE:CVE-2020-1730", "ALPINE:CVE-2020-1971", "ALPINE:CVE-2020-25681", "ALPINE:CVE-2020-25682", "ALPINE:CVE-2020-25683", "ALPINE:CVE-2020-25684", "ALPINE:CVE-2020-25685", "ALPINE:CVE-2020-25686", "ALPINE:CVE-2020-25687", "ALPINE:CVE-2020-26160", "ALPINE:CVE-2020-28362", "ALPINE:CVE-2020-6829", "ALPINE:CVE-2020-7595", "ALPINE:CVE-2020-8492", "ALPINE:CVE-2020-8619", "ALPINE:CVE-2020-8622", "ALPINE:CVE-2020-8623", "ALPINE:CVE-2020-8624", "ALPINE:CVE-2020-9802", "ALPINE:CVE-2020-9803", "ALPINE:CVE-2020-9805", "ALPINE:CVE-2020-9806", "ALPINE:CVE-2020-9807", "ALPINE:CVE-2020-9843", "ALPINE:CVE-2020-9850", "ALPINE:CVE-2020-9862", "ALPINE:CVE-2020-9893", "ALPINE:CVE-2020-9894", "ALPINE:CVE-2020-9895", "ALPINE:CVE-2020-9915", "ALPINE:CVE-2020-9925", "ALPINE:CVE-2021-20206", "ALPINE:CVE-2021-3121", "ALPINE:CVE-2021-3156"]}, {"type": "altlinux", "idList": ["006E1C5366A64291FF8E0353D42B4FBB", "0666BB8481B59C8FF60D851348A7369C", "141BCA173D3741F34B14D86CB9A2B931", "16960D394B153CCE06DA5283BF2523C0", "172377A713A918D5853CA3E9B24EFF85", "1E1894CCC7195BF40E6FE3F3E3556D61", "2777060AF262CE012638411E1C9044B6", "2CF8AF7D1A2D42287EAC2DE68AEEB18D", "2F0D87FD658E0401E0538D5D65520F57", "33BC9B12459278B2E8AA2FCB5E629EE0", "399DD76D4B44924FCBEE33240BDD953E", "3A3AB1EB9C8B702D7FE2E5FCC4C174D6", "3C4A6B67E0D9728ADB6025D4036C16C2", "3F8DD9A2242252682A03A0575F5E7849", "506C1AE9D5B9144EB0FE579718193DB1", "516F69414A5664E48CE6F74BE40B4A98", "6136B94EDC52560DDD6E26DEF1C1C233", "661ECFDBE50A26499E5EEDC0AEFF0489", "6EC23EDF5005F790300051B316B093D4", "7386C69A4A551C491C79DF433DF0C82F", "864D4BAD00FC35A95D316BFD81ABFD93", "8877435F96678D9F2B43BD5FED7C28FD", "8907B92479FC3D90FF62A4920C4D6940", "909AD112600F4B7C9F7BE0EA6049CD74", "B7B3433AC1544A3E36FEFA1DBBAA6093", "BF346AAE391F0CD1097D4DB67686DC33", "C259351860BCFBD26787D316DF3231D2", "D2AF5967FB772111657DCE1F8F05D5DA", "DABA184416A75A46AE97FCFDB8DD6816", "E2B656B34248CCB3646CFD3B2F271223", "EF98134BF35516822BE2F1B57E3DC142", "F2F8CB06F62B8B4740434DE390A0EF18", "F60761B898DC69A381B52FE1247B1814", "FD3981727F0622358F665D7D7E7A3DF5", "FFCD9E207A1C842797CF9F17E8B46010"]}, {"type": "amazon", "idList": ["ALAS-2019-1241", "ALAS-2020-1342", "ALAS-2020-1406", "ALAS-2020-1407", "ALAS-2020-1417", "ALAS-2020-1427", "ALAS-2020-1428", "ALAS-2020-1429", "ALAS-2020-1432", "ALAS-2020-1436", "ALAS-2020-1438", "ALAS-2020-1456", "ALAS-2020-1457", "ALAS-2020-1460", "ALAS-2020-1462", "ALAS-2020-1464", "ALAS-2020-1468", "ALAS-2020-1471", "ALAS-2021-1457", "ALAS-2021-1459", "ALAS-2021-1461", "ALAS-2021-1463", "ALAS-2021-1471", "ALAS-2021-1474", "ALAS-2021-1477", "ALAS-2021-1478", "ALAS-2021-1511", "ALAS-2021-1522", "ALAS-2022-1641", "ALAS2-2019-1376", "ALAS2-2020-1387", "ALAS2-2020-1432", "ALAS2-2020-1471", "ALAS2-2020-1479", "ALAS2-2020-1483", "ALAS2-2020-1484", "ALAS2-2020-1494", "ALAS2-2020-1510", "ALAS2-2020-1513", "ALAS2-2020-1534", "ALAS2-2020-1535", "ALAS2-2020-1559", "ALAS2-2020-1563", "ALAS2-2020-1564", "ALAS2-2020-1565", "ALAS2-2020-1566", "ALAS2-2020-1573", "ALAS2-2021-1578", "ALAS2-2021-1587", "ALAS2-2021-1588", "ALAS2-2021-1590", "ALAS2-2021-1639", "ALAS2-2022-1830", "ALAS2-2023-1944", "ALAS2-2023-2119", "ALAS2-2023-2151", "ALAS2-2023-2174", "ALAS2-2023-2221"]}, {"type": "apple", "idList": ["APPLE:0458C0EDF2FE61DE5E3752F33DA333D7", "APPLE:07C404431E4E9AA795FF43515E579852", "APPLE:0CE264553CBE730E0D2CF16017A5B273", "APPLE:0E1C386A7EBAE50F1A16EBD5FB86ED98", "APPLE:18DA9C53BF9A01E449E85E3E61CCDEC0", "APPLE:22E5661C993E7A1F50344055EDC625BA", "APPLE:23F4B15F98B9E907DBA0469D5F0BC654", "APPLE:24F0CE6C0A090A12BFC0624F060D429D", "APPLE:2B6F011ECD9EFE0F4D0983E7E6A91A15", "APPLE:2BE63E6C0ABEE62B27017A6E38BA31E8", "APPLE:2C63B730F1D775BC1F496033AB4C1E50", "APPLE:2D778DC3A51D07FD2EE75D0D87598CAB", "APPLE:362DE2664179C21B7B8FFF788120813E", "APPLE:39DFCF58466CAAB3F50DE93E2A885C72", "APPLE:3D7765FAAA5588336144E1B60D0B775E", "APPLE:47A6F4E1660238E39625B31A34F6CDF1", "APPLE:4CDA87B47F793E07ABCA7B9C9345521B", "APPLE:4F5D2C20724C56D494032826B570F894", "APPLE:51FF6F769BC40CE415F07D8346C6A88D", "APPLE:524576436C5FDCCC5080CD76C6051F20", "APPLE:53B6452EB8CCAAEE3940A468CD7301EF", "APPLE:5A8CFDD70DD53A4CB492643428B2B78C", "APPLE:60BF7F72692F6CFF341525F7AC92F5EC", "APPLE:664BB2884C7D375FC11AD8C7123D5CCD", "APPLE:7033CCA4E259F96F17D1D049B6D11BE0", "APPLE:717EB24E41379638A244FDCE287538E6", "APPLE:76759F30E38205B816379E57C5E5C4C3", "APPLE:7896F4A93FD5FD018CC9D732F6694D33", "APPLE:7B414D7D6363796AB8F0EB89C5EEC383", "APPLE:82B6E79FBF3E204AFF11B0D8FA1D8701", "APPLE:87ECB5906FD123665AEE056A2BC685F6", "APPLE:8962973934F6CCC5756D8D4DB8D1F37F", "APPLE:8C1FE42B64A09C7B23ECEB4773F3CF3C", "APPLE:8EE1AE6C5FCC43369EAB8454FB35ED71", "APPLE:914AF8F52D4AB5DC92631271089CEE87", "APPLE:9AAA600C4496E1F352EC9F07A8BDC39B", "APPLE:9CAF885CB18F659BDEB0CAC7F6570924", "APPLE:A1A8D52172AE1DABB07F3860D96264D1", "APPLE:A795FDEEEAA9C6C9B86551E188F8FA02", "APPLE:AA327FA1C4CF3105C8CBED9D78735E12", "APPLE:AA62A80C9E6F6992009BCCB45F9D570E", "APPLE:AA7D20441BD99D01D8BEDE3B9762EB04", "APPLE:AA9B80D4202B0773A6E30EECAE778C28", "APPLE:B079F933FC53AA9BD392638EBBEA2490", "APPLE:B4A51DEE7A0FB4F7EC28603D8D3C11F4", "APPLE:B52E92BE35619FA480B979F2662F87F8", "APPLE:B7C1A6678C1DA6625F5D2C92817D61DA", "APPLE:B891E6B961A423A3FA7E0836C2B1370D", "APPLE:BEA171F52CE1A41E31B39FE9FEF8FF60", "APPLE:BF1622028DAB7FB7B0D91852357DB961", "APPLE:CB6B9C8601808E98E91120E4D36A36F1", "APPLE:CC90AF91854DC3DAAF69A4D6FA63346F", "APPLE:CF9C08BD8DDC6A4A1E0D3912347422D3", "APPLE:D725BA42FF7DF9373C130EE10E8F427D", "APPLE:D7732CBB7EC3F59A83A8A74E674D8D67", "APPLE:E7AB28D63A34D7E0CE963F4835068B5C", "APPLE:ED19354ED13D765201D7E383EBAA2805", "APPLE:F0DD36964D42DC3E67689751DBBFF908", "APPLE:F7CA1A5840C15D3C9444B9C7F4FBA655", "APPLE:F8724C8799ED31E68E5E9D403280DAB8", "APPLE:FE34E67588C6E371B47F8C80ED459F90", "APPLE:HT210603", "APPLE:HT210604", "APPLE:HT210605", "APPLE:HT210606", "APPLE:HT210607", "APPLE:HT210608", "APPLE:HT210634", "APPLE:HT210635", "APPLE:HT210636", "APPLE:HT210637", "APPLE:HT210721", "APPLE:HT210723", "APPLE:HT210724", "APPLE:HT210725", "APPLE:HT210726", "APPLE:HT210727", "APPLE:HT210728", "APPLE:HT210785", "APPLE:HT210788", "APPLE:HT210789", "APPLE:HT210790", "APPLE:HT210792", "APPLE:HT210793", "APPLE:HT210794", "APPLE:HT210795", "APPLE:HT210918", "APPLE:HT210920", "APPLE:HT210922", "APPLE:HT210923", "APPLE:HT210947", "APPLE:HT210948", "APPLE:HT211100", "APPLE:HT211101", "APPLE:HT211102", "APPLE:HT211103", "APPLE:HT211104", "APPLE:HT211105", "APPLE:HT211106", "APPLE:HT211107", "APPLE:HT211168", "APPLE:HT211171", "APPLE:HT211175", "APPLE:HT211177", "APPLE:HT211178", "APPLE:HT211179", "APPLE:HT211181", "APPLE:HT211288", "APPLE:HT211289", "APPLE:HT211290", "APPLE:HT211291", "APPLE:HT211292", "APPLE:HT211293", "APPLE:HT211294", "APPLE:HT211295", "APPLE:HT211843", "APPLE:HT211844", "APPLE:HT211850", "APPLE:HT211931", "APPLE:HT211935", "APPLE:HT211952", "APPLE:HT212177"]}, {"type": "archlinux", "idList": ["ASA-201910-15", "ASA-201910-16", "ASA-201910-17", "ASA-202002-10", "ASA-202002-3", "ASA-202002-7", "ASA-202003-4", "ASA-202003-9", "ASA-202004-11", "ASA-202004-17", "ASA-202004-23", "ASA-202006-13", "ASA-202007-1", "ASA-202010-10", "ASA-202010-11", "ASA-202011-12", "ASA-202011-15", "ASA-202011-16", "ASA-202012-24", "ASA-202101-25", "ASA-202101-38", "ASA-202103-27"]}, {"type": "arista", "idList": ["ARISTA:0061", "ARISTA:0062"]}, {"type": "attackerkb", "idList": ["AKB:67AA97AC-E920-4D0C-9B50-6B1C42E683D1", "AKB:B72B19ED-8E0B-4C11-9C2D-95A25BCC42A6", "AKB:BC51026B-2BE3-44B4-BB8E-2FEAC9CE2DE6", "AKB:C6F99915-AA1F-419E-A866-FCD1140D6667", "AKB:FD5DCD72-BB0A-4081-AB80-02486983B88F"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987", "AVLEONOV:8378A14587C08A1636BEE66608020687"]}, {"type": "cbl_mariner", "idList": ["CBLMARINER:1803", "CBLMARINER:1830", "CBLMARINER:1831", "CBLMARINER:1832", "CBLMARINER:1834", "CBLMARINER:1868", "CBLMARINER:1875", "CBLMARINER:1877", "CBLMARINER:1902", "CBLMARINER:1910", "CBLMARINER:1937", "CBLMARINER:1943", "CBLMARINER:1990", "CBLMARINER:1992", "CBLMARINER:1993", "CBLMARINER:2201", "CBLMARINER:2552", "CBLMARINER:2662", "CBLMARINER:3519", "CBLMARINER:3604", "CBLMARINER:3627", "CBLMARINER:3651", "CBLMARINER:3659", "CBLMARINER:3691", "CBLMARINER:3788", "CBLMARINER:3789", "CBLMARINER:3790", "CBLMARINER:3813", "CBLMARINER:3814", "CBLMARINER:3815", "CBLMARINER:3816", "CBLMARINER:3881", "CBLMARINER:4326", "CBLMARINER:6265", "CBLMARINER:6369", "CBLMARINER:6445", "CBLMARINER:6746", "CBLMARINER:6825", "CBLMARINER:8321", "CBLMARINER:8324"]}, {"type": "centos", "idList": ["CESA-2019:3193", "CESA-2019:3210", "CESA-2019:3756", "CESA-2020:3888", "CESA-2020:3911", "CESA-2020:3952", "CESA-2020:3996", "CESA-2020:4035", "CESA-2020:4076", "CESA-2020:4183", "CESA-2020:4907", "CESA-2020:5009", "CESA-2020:5010", "CESA-2020:5011", "CESA-2020:5566", "CESA-2021:0153", "CESA-2021:0221", "CESA-2021:0339", "CESA-2021:0348", "CESA-2021:0856", "CESA-2022:5234"]}, {"type": "cert", "idList": ["VU:434904", "VU:794544"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-1032", "CPAI-2020-1069", "CPAI-2020-3251", "CPAI-2020-3252", "CPAI-2020-3597"]}, {"type": "checkpoint_security", "idList": ["CPS:SK171751"]}, {"type": "chrome", "idList": ["GCSA-164021554802225166", "GCSA-7216160875710850344", "GCSA-8579594118646068818"]}, {"type": "cisa", "idList": ["CISA:6AB408E664DEC2691E5D7872C63AFD97", "CISA:765265E5BF9328E9BAF09F93A1684580", "CISA:EB64BAE1A85869BDC145CE238F167D6F"]}, {"type": "cisa_kev", "idList": ["CISA-KEV-CVE-2019-8720", "CISA-KEV-CVE-2020-15999", "CISA-KEV-CVE-2021-3156"]}, {"type": "cisco", "idList": ["CISCO-SA-DNSMASQ-DNS-2021-C5MRDF3G", "CISCO-SA-SUDO-PRIVESC-JAN2021-QNYQFCM"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:136BE5151C3129DFE4B735524824187D", "CFOUNDRY:13BA697370B05DA79A1C88E29233A25D", "CFOUNDRY:27211E4DD1581F828C1D9632281F2B4B", "CFOUNDRY:322886B40F0FE55C516FF12037103125", "CFOUNDRY:372C89C2034124B41C6B1DC1B76A49D9", "CFOUNDRY:3B00E04C67EFB83F5D044A76DD92B52C", "CFOUNDRY:40DA9EC9652A3858F9F7AF08C709173D", "CFOUNDRY:482A184FE0A9A84338FFE0A421B192C1", "CFOUNDRY:4C29708E9DB1757C4BE1AE571C33062C", "CFOUNDRY:4CA229089D29B1A5C8F47ED6A12CAC1D", "CFOUNDRY:5EA8EE4734BECA5E26F0C02B2E976F48", "CFOUNDRY:6842286EED83D27526CFF6743C20F98E", "CFOUNDRY:7B62E6C6256F00DF44936E8DDF0C57DB", "CFOUNDRY:7B92D9A04EEAF76D3D43537BB07E46FA", "CFOUNDRY:7CFA05FF63DADFE32E3B6B3CFD30F896", "CFOUNDRY:81709274A5535B1DACDD4242D3B162A5", "CFOUNDRY:853E5589D5EE11B72526D65C16FA38B8", "CFOUNDRY:8CFF4A0AF748B0C857C01324EB35B6D4", "CFOUNDRY:A2488D03CBE987233F934844F44A3BB5", "CFOUNDRY:AA356DA8CD5E3C69DBEE45AEF6C8C74F", "CFOUNDRY:AEC4CB59C79AE6422739539A64DE92CC", "CFOUNDRY:BCFE0333C3F2E89FFDF11615D117C9AF", "CFOUNDRY:BEC31F74593CCC62B726A27E114C47CC", "CFOUNDRY:BFC28EFEE9A9ABA8EC627AB7942BCFD7", "CFOUNDRY:D18C016FED8F2EC566E781EC4B141FB0", "CFOUNDRY:DF038CA686095997F28010C0D12B1C6A", "CFOUNDRY:E28868CF5495F6C7D71AC5B00564832A", "CFOUNDRY:E2EC45D69AA3550DE981BAC4E63015D3", "CFOUNDRY:E9CE0268DAFD76AE052E27B69A06ACBD", "CFOUNDRY:FA8004154EABA0892471FE01E71BFD29", "CFOUNDRY:FAA30968EB5FC787D7DD15251E2F2C77"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1608724134", "CLSA-2021:1611743864", "CLSA-2021:1632261812", "CLSA-2021:1632261839", "CLSA-2021:1632401716", "CLSA-2021:1633442879", "CLSA-2021:1639670534", "CLSA-2021:1640621287", "CLSA-2021:1640697315", "CLSA-2022:1641903536"]}, {"type": "cve", "idList": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-19325", "CVE-2018-20843", "CVE-2019-11068", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14559", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-15167", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-18197", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20807", "CVE-2019-20838", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-11793", "CVE-2020-12321", "CVE-2020-12400", "CVE-2020-12403", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14040", "CVE-2020-14351", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15503", "CVE-2020-15586", "CVE-2020-15999", "CVE-2020-16845", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24659", "CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687", "CVE-2020-25705", "CVE-2020-26160", "CVE-2020-27813", "CVE-2020-28362", "CVE-2020-29652", "CVE-2020-29661", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-6829", "CVE-2020-7595", "CVE-2020-8492", "CVE-2020-8619", "CVE-2020-8622", "CVE-2020-8623", "CVE-2020-8624", "CVE-2020-9283", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2021-20206", "CVE-2021-29482", "CVE-2021-3121", "CVE-2021-3156"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1756-1:764C8", "DEBIAN:DLA-1756-1:F195F", "DEBIAN:DLA-1839-1:13DB7", "DEBIAN:DLA-1839-1:728E0", "DEBIAN:DLA-1912-1:C4001", "DEBIAN:DLA-1912-1:CAAA9", "DEBIAN:DLA-1931-1:24E75", "DEBIAN:DLA-1931-1:6D15F", "DEBIAN:DLA-1931-2:1F133", "DEBIAN:DLA-1931-2:63774", "DEBIAN:DLA-1955-1:22EE5", "DEBIAN:DLA-1955-1:52801", "DEBIAN:DLA-1967-1:C367D", "DEBIAN:DLA-1967-1:CFF0B", "DEBIAN:DLA-1973-1:95F3B", "DEBIAN:DLA-1973-1:A6CE3", "DEBIAN:DLA-1987-1:28961", "DEBIAN:DLA-1987-1:E3D38", "DEBIAN:DLA-1997-1:9DD2C", "DEBIAN:DLA-1997-1:C6E62", "DEBIAN:DLA-2038-1:3A69F", "DEBIAN:DLA-2038-1:FD678", "DEBIAN:DLA-2044-1:26388", "DEBIAN:DLA-2044-1:3FF98", "DEBIAN:DLA-2048-1:4A4BD", "DEBIAN:DLA-2048-1:4AFA1", "DEBIAN:DLA-2088-1:945EA", "DEBIAN:DLA-2088-1:B1E4B", "DEBIAN:DLA-2280-1:96280", "DEBIAN:DLA-2337-1:70801", "DEBIAN:DLA-2340-1:34DF9", "DEBIAN:DLA-2340-2:984C0", "DEBIAN:DLA-2355-1:B11A3", "DEBIAN:DLA-2369-1:46D38", "DEBIAN:DLA-2369-1:E14AE", "DEBIAN:DLA-2370-1:AC2B8", "DEBIAN:DLA-2370-1:DF2B1", "DEBIAN:DLA-2388-1:C1A90", "DEBIAN:DLA-2402-1:C1E9C", "DEBIAN:DLA-2415-1:46C29", "DEBIAN:DLA-2453-1:06602", "DEBIAN:DLA-2455-1:AB97D", "DEBIAN:DLA-2456-1:D70B3", "DEBIAN:DLA-2459-1:C9586", "DEBIAN:DLA-2460-1:279E8", "DEBIAN:DLA-2483-1:37DA1", "DEBIAN:DLA-2492-1:77952", "DEBIAN:DLA-2493-1:D2596", "DEBIAN:DLA-2494-1:12C95", "DEBIAN:DLA-2520-1:EDD6A", "DEBIAN:DLA-2534-1:1EFB7", "DEBIAN:DLA-2534-1:AA5E2", "DEBIAN:DLA-2557-1:3E233", "DEBIAN:DLA-2586-1:6B2FD", "DEBIAN:DLA-2604-1:9EC79", "DEBIAN:DLA-2628-1:6F808", "DEBIAN:DLA-2645-1:92A7D", "DEBIAN:DLA-2850-1:BA5BB", "DEBIAN:DLA-2876-1:15A8F", "DEBIAN:DLA-2987-1:30B1F", "DEBIAN:DLA-3152-1:9B676", "DEBIAN:DLA-3202-1:F1E95", "DEBIAN:DLA-3214-1:78F2B", "DEBIAN:DLA-3327-1:96EC7", "DEBIAN:DSA-4472-1:4A655", "DEBIAN:DSA-4472-1:97343", "DEBIAN:DSA-4530-1:44D76", "DEBIAN:DSA-4530-1:939B7", "DEBIAN:DSA-4547-1:D6E02", "DEBIAN:DSA-4549-1:796DA", "DEBIAN:DSA-4558-1:35EA3", "DEBIAN:DSA-4563-1:121E7", "DEBIAN:DSA-4571-1:418C4", "DEBIAN:DSA-4591-1:41FDD", "DEBIAN:DSA-4591-1:7B449", "DEBIAN:DSA-4610-1:0DE10", "DEBIAN:DSA-4627-1:5CD4F", "DEBIAN:DSA-4638-1:8959D", "DEBIAN:DSA-4641-1:E25EB", "DEBIAN:DSA-4658-1:B559B", "DEBIAN:DSA-4681-1:6DA13", "DEBIAN:DSA-4681-1:8167F", "DEBIAN:DSA-4724-1:6BA8A", "DEBIAN:DSA-4739-1:5AEC6", "DEBIAN:DSA-4739-1:90328", "DEBIAN:DSA-4752-1:AAF93", "DEBIAN:DSA-4752-1:F3E48", "DEBIAN:DSA-4777-1:A4DA9", "DEBIAN:DSA-4777-1:E3B2F", "DEBIAN:DSA-4807-1:1C1CB", "DEBIAN:DSA-4807-1:B0537", "DEBIAN:DSA-4824-1:11EBB", "DEBIAN:DSA-4839-1:0839A", "DEBIAN:DSA-4839-1:3997C", "DEBIAN:DSA-4843-1:3B37B", "DEBIAN:DSA-4843-1:6BD24", "DEBIAN:DSA-4844-1:75AB4", "DEBIAN:DSA-4844-1:99BC8", "DEBIAN:DSA-4848-1:D81AC"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-10103", "DEBIANCVE:CVE-2018-10105", "DEBIANCVE:CVE-2018-14461", "DEBIANCVE:CVE-2018-14462", "DEBIANCVE:CVE-2018-14463", "DEBIANCVE:CVE-2018-14464", "DEBIANCVE:CVE-2018-14465", "DEBIANCVE:CVE-2018-14466", "DEBIANCVE:CVE-2018-14467", "DEBIANCVE:CVE-2018-14468", "DEBIANCVE:CVE-2018-14469", "DEBIANCVE:CVE-2018-14470", "DEBIANCVE:CVE-2018-14879", "DEBIANCVE:CVE-2018-14880", "DEBIANCVE:CVE-2018-14881", "DEBIANCVE:CVE-2018-14882", "DEBIANCVE:CVE-2018-16227", "DEBIANCVE:CVE-2018-16228", "DEBIANCVE:CVE-2018-16229", "DEBIANCVE:CVE-2018-16230", "DEBIANCVE:CVE-2018-16300", "DEBIANCVE:CVE-2018-16451", "DEBIANCVE:CVE-2018-16452", "DEBIANCVE:CVE-2018-20843", "DEBIANCVE:CVE-2019-11068", "DEBIANCVE:CVE-2019-13627", "DEBIANCVE:CVE-2019-14559", "DEBIANCVE:CVE-2019-14889", "DEBIANCVE:CVE-2019-15165", "DEBIANCVE:CVE-2019-15166", "DEBIANCVE:CVE-2019-15167", "DEBIANCVE:CVE-2019-15903", "DEBIANCVE:CVE-2019-16168", "DEBIANCVE:CVE-2019-16935", "DEBIANCVE:CVE-2019-17450", "DEBIANCVE:CVE-2019-18197", "DEBIANCVE:CVE-2019-19221", "DEBIANCVE:CVE-2019-19906", "DEBIANCVE:CVE-2019-19956", "DEBIANCVE:CVE-2019-20218", "DEBIANCVE:CVE-2019-20387", "DEBIANCVE:CVE-2019-20388", "DEBIANCVE:CVE-2019-20454", "DEBIANCVE:CVE-2019-20807", "DEBIANCVE:CVE-2019-20838", "DEBIANCVE:CVE-2019-20907", "DEBIANCVE:CVE-2019-20916", "DEBIANCVE:CVE-2019-5018", "DEBIANCVE:CVE-2019-8625", "DEBIANCVE:CVE-2019-8710", "DEBIANCVE:CVE-2019-8720", "DEBIANCVE:CVE-2019-8743", "DEBIANCVE:CVE-2019-8764", "DEBIANCVE:CVE-2019-8766", "DEBIANCVE:CVE-2019-8769", "DEBIANCVE:CVE-2019-8771", "DEBIANCVE:CVE-2019-8782", "DEBIANCVE:CVE-2019-8783", "DEBIANCVE:CVE-2019-8808", "DEBIANCVE:CVE-2019-8811", "DEBIANCVE:CVE-2019-8812", "DEBIANCVE:CVE-2019-8813", "DEBIANCVE:CVE-2019-8814", "DEBIANCVE:CVE-2019-8815", "DEBIANCVE:CVE-2019-8816", "DEBIANCVE:CVE-2019-8819", "DEBIANCVE:CVE-2019-8820", "DEBIANCVE:CVE-2019-8823", "DEBIANCVE:CVE-2019-8835", "DEBIANCVE:CVE-2019-8844", "DEBIANCVE:CVE-2019-8846", "DEBIANCVE:CVE-2020-10018", "DEBIANCVE:CVE-2020-10029", "DEBIANCVE:CVE-2020-11793", "DEBIANCVE:CVE-2020-12321", "DEBIANCVE:CVE-2020-12400", "DEBIANCVE:CVE-2020-12403", "DEBIANCVE:CVE-2020-13630", "DEBIANCVE:CVE-2020-13631", "DEBIANCVE:CVE-2020-13632", "DEBIANCVE:CVE-2020-14040", "DEBIANCVE:CVE-2020-14351", "DEBIANCVE:CVE-2020-14382", "DEBIANCVE:CVE-2020-14391", "DEBIANCVE:CVE-2020-14422", "DEBIANCVE:CVE-2020-15503", "DEBIANCVE:CVE-2020-15586", "DEBIANCVE:CVE-2020-15999", "DEBIANCVE:CVE-2020-16845", "DEBIANCVE:CVE-2020-1730", "DEBIANCVE:CVE-2020-1751", "DEBIANCVE:CVE-2020-1752", "DEBIANCVE:CVE-2020-1971", "DEBIANCVE:CVE-2020-24659", "DEBIANCVE:CVE-2020-25681", "DEBIANCVE:CVE-2020-25682", "DEBIANCVE:CVE-2020-25683", "DEBIANCVE:CVE-2020-25684", "DEBIANCVE:CVE-2020-25685", "DEBIANCVE:CVE-2020-25686", "DEBIANCVE:CVE-2020-25687", "DEBIANCVE:CVE-2020-25705", "DEBIANCVE:CVE-2020-26160", "DEBIANCVE:CVE-2020-27813", "DEBIANCVE:CVE-2020-28362", "DEBIANCVE:CVE-2020-29652", "DEBIANCVE:CVE-2020-29661", "DEBIANCVE:CVE-2020-3862", "DEBIANCVE:CVE-2020-3864", "DEBIANCVE:CVE-2020-3865", "DEBIANCVE:CVE-2020-3867", "DEBIANCVE:CVE-2020-3868", "DEBIANCVE:CVE-2020-3885", "DEBIANCVE:CVE-2020-3894", "DEBIANCVE:CVE-2020-3895", "DEBIANCVE:CVE-2020-3897", "DEBIANCVE:CVE-2020-3899", "DEBIANCVE:CVE-2020-3900", "DEBIANCVE:CVE-2020-3901", "DEBIANCVE:CVE-2020-3902", "DEBIANCVE:CVE-2020-6405", "DEBIANCVE:CVE-2020-6829", "DEBIANCVE:CVE-2020-7595", "DEBIANCVE:CVE-2020-8492", "DEBIANCVE:CVE-2020-8619", "DEBIANCVE:CVE-2020-8622", "DEBIANCVE:CVE-2020-8623", "DEBIANCVE:CVE-2020-8624", "DEBIANCVE:CVE-2020-9283", "DEBIANCVE:CVE-2020-9327", "DEBIANCVE:CVE-2020-9802", "DEBIANCVE:CVE-2020-9803", "DEBIANCVE:CVE-2020-9805", "DEBIANCVE:CVE-2020-9806", "DEBIANCVE:CVE-2020-9807", "DEBIANCVE:CVE-2020-9843", "DEBIANCVE:CVE-2020-9850", "DEBIANCVE:CVE-2020-9862", "DEBIANCVE:CVE-2020-9893", "DEBIANCVE:CVE-2020-9894", "DEBIANCVE:CVE-2020-9895", "DEBIANCVE:CVE-2020-9915", "DEBIANCVE:CVE-2020-9925", "DEBIANCVE:CVE-2021-20206", "DEBIANCVE:CVE-2021-29482", "DEBIANCVE:CVE-2021-3121", "DEBIANCVE:CVE-2021-3156"]}, {"type": "exploitdb", "idList": ["EDB-ID:48121", "EDB-ID:49521", "EDB-ID:49522"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:BBAC75CC4F436EA7C87BF4A93573E140"]}, {"type": "f5", "idList": ["F5:K02663161", "F5:K02931614", "F5:K04367730", "F5:K04460334", "F5:K05295469", "F5:K08654551", "F5:K09604370", "F5:K10812540", "F5:K13290208", "F5:K19807532", "F5:K30444545", "F5:K34239812", "F5:K38481791", "F5:K41440465", "F5:K42910051", "F5:K44551633", "F5:K49921213", "F5:K51011533", "F5:K51317292", "F5:K51512510", "F5:K56551263", "F5:K61267093", "F5:K78284681", "F5:K82252291", "F5:K86162657", "F5:K86488846", "F5:K91090139", "F5:K96300145", "F5:K98221124"]}, {"type": "fedora", "idList": ["FEDORA:0051430CF91F", "FEDORA:0106530962AB", "FEDORA:04BF76309A15", "FEDORA:0560630A704A", "FEDORA:067D430C2F61", "FEDORA:071096091F43", "FEDORA:08D23310004F", "FEDORA:0E74260EE4AA", "FEDORA:11D3430E663D", "FEDORA:1523A318B2F7", "FEDORA:18A3D610D7C4", "FEDORA:1A40F309F48E", "FEDORA:1B1A130A014E", "FEDORA:1D191309D1B6", "FEDORA:1D47E30F4D4F", "FEDORA:1EA356092706", "FEDORA:1F1BC30987DA", "FEDORA:1F4D830C7DBF", "FEDORA:248856062BF1", "FEDORA:24BBA6076F61", "FEDORA:2630830CCAB9", "FEDORA:282FE606E7CA", "FEDORA:2872130E6E99", "FEDORA:28FE430CB116", "FEDORA:2ACD760900BF", "FEDORA:2AEEA32A9DD3", "FEDORA:2D179607011A", "FEDORA:2F13930DEAB1", "FEDORA:2FCD530B2656", "FEDORA:2FCE26076F64", "FEDORA:30E0D6049C87", "FEDORA:32F3D30A68A9", "FEDORA:3307C348B749", "FEDORA:3382160A4425", "FEDORA:33FC666A1E20", "FEDORA:345C8607A30C", "FEDORA:353D73154ABE", "FEDORA:384B96390985", "FEDORA:4044C30CB118", "FEDORA:43A58309CB98", "FEDORA:44F56325DDAB", "FEDORA:45F45348B754", "FEDORA:4A9773111B22", "FEDORA:4E88960D8FBA", "FEDORA:5278930BDD92", "FEDORA:5361730BB4C9", "FEDORA:53B8A30C6A0B", "FEDORA:55212604E121", "FEDORA:55FE8604DFF9", "FEDORA:565F36015190", "FEDORA:578F330CA03E", "FEDORA:59DD6604B000", "FEDORA:5A09262C7A37", "FEDORA:5AB7E30E25EB", "FEDORA:5BBC634DAC43", "FEDORA:5E9E662BAB1F", "FEDORA:60E3A30D1484", "FEDORA:61CEB60525CF", "FEDORA:620E260877C1", "FEDORA:62D1A60D12B5", "FEDORA:6395E630FBA4", "FEDORA:6492C3093DD7", "FEDORA:6976D62A089B", "FEDORA:6C66A601463F", "FEDORA:6C76E608E1F6", "FEDORA:6F355304C5CD", "FEDORA:6F705313E07A", "FEDORA:706956148ECB", "FEDORA:707E930AB4A5", "FEDORA:73C1730C1E46", "FEDORA:7412960648DB", "FEDORA:79B8A317F545", "FEDORA:81544313EC94", "FEDORA:8171330C09FB", "FEDORA:824E230A6A04", "FEDORA:862A060321A8", "FEDORA:8B8553055E91", "FEDORA:8C9CB30BDABD", "FEDORA:8D0BB60525B8", "FEDORA:91EBC309F493", "FEDORA:951236162FD6", "FEDORA:9848360648DC", "FEDORA:9A814304CAC9", "FEDORA:9BD7D30CAEE8", "FEDORA:9F3DE30BA87C", "FEDORA:9F6FE6049CB5", "FEDORA:9F764605D68D", "FEDORA:A2CF8605771B", "FEDORA:A351F606CFD5", "FEDORA:A56F0309448D", "FEDORA:A7E596153F56", "FEDORA:A7F076CB1D2F", "FEDORA:A9E386095B4D", "FEDORA:AC9AB30BBFBA", "FEDORA:AE3D830AB4B2", "FEDORA:B050060758B6", "FEDORA:B10D0604B3B3", "FEDORA:B29916092532", "FEDORA:B36233175D48", "FEDORA:B940C60A8A0C", "FEDORA:BAFD56068146", "FEDORA:BB12030B266D", "FEDORA:BF65760525B8", "FEDORA:C00126087A1E", "FEDORA:C227A625C28A", "FEDORA:C381E30B2672", "FEDORA:C3C866194B96", "FEDORA:C3ED760C452F", "FEDORA:C43B930CE32E", "FEDORA:C6A45304CAF0", "FEDORA:C7F146099564", "FEDORA:C8A606087D99", "FEDORA:C9283634429D", "FEDORA:C9F1930D42C8", "FEDORA:CBE8E30B452C", "FEDORA:D29C830C2A6B", "FEDORA:D36A131B8B41", "FEDORA:D3B4860769F9", "FEDORA:DBC4662F3455", "FEDORA:DC4F334EB5A4", "FEDORA:DCC98600F6D1", "FEDORA:DD6063099060", "FEDORA:DE1F1304CAC9", "FEDORA:DE7A430C4609", "FEDORA:E071460876D1", "FEDORA:E3844606FD7F", "FEDORA:E4BA53093F7F", "FEDORA:E700F3072E21", "FEDORA:EA8ED3055F3B", "FEDORA:EC30530A4CD0", "FEDORA:EC73D30DA8F7", "FEDORA:F149334E497A"]}, {"type": "freebsd", "idList": ["08B553ED-537A-11EB-BE6E-0022489AD614", "1CB0AF4E-D641-4F99-9432-297A89447A97", "1D56CFC5-3970-11EB-929D-D4C9EF517024", "1E7FA41B-F6CA-4FE8-BD46-0E176B42B14F", "2272E6F1-F029-11EA-838A-0011D823EEBD", "2CB21232-FB32-11EA-A929-A4BF014BF5F7", "33C05D57-BF6E-11EA-BA1E-0800273F78D3", "36B905AD-7FBB-11E9-8A5F-C85B76CE9B5A", "3D7DFD63-823B-11EA-B3A8-240A644DD835", "3E748551-C732-45F6-BD88-928DA16F23A8", "3FCB70A4-E22D-11EA-98B2-080027846A02", "458DF97F-1440-11EB-AAEC-E0D55E2A8BF9", "56BA4513-A1BE-11EB-9072-D4C9EF517024", "5B5CF6E5-5B51-11EB-95AC-7F9491278677", "92243B6A-5775-4AEA-8727-A938058DF5BA", "93167BEF-9752-11E9-B61C-B885849DED8E", "9B7491FB-F253-11E9-A50C-000C29C4DC65", "A27B0BB6-84FC-11EA-B5B4-641C67A117D8", "A80C6273-988C-11EC-83AC-080027415D17", "BC7AFF8C-D806-11EA-A5AA-0800272260E5", "C4AC9C79-AB37-11EA-8B5E-B42E99A1B9C3", "C7855866-C511-11EB-AE1D-B42E991FC52E", "C9C6C2F8-CD54-11E9-AF89-080027EF1A23", "DB4B2F27-252A-11EB-865C-00155D646400", "DC8CFF4C-4063-11EA-8A94-3497F6939FDD", "E418B8F0-9ABB-420B-A7F1-1D8231B352E2", "E8483115-8B8E-11EA-BDCF-001B217B3468", "EFD03116-C2A9-11EA-82BC-B42E99A1B9C3", "F00D1873-B138-11EA-8659-901B0EF719AB", "F3CF4B33-6013-11EB-9A0E-206A8A720317", "F4722927-1375-11EB-8711-3065EC8FD3EC", "F5ABAFC0-FCF6-11EA-8758-E0D55E2A8BF9"]}, {"type": "freebsd_advisory", "idList": ["FREEBSD_ADVISORY:FREEBSD-SA-20:22.SQLITE", "FREEBSD_ADVISORY:FREEBSD-SA-20:33.OPENSSL"]}, {"type": "gentoo", "idList": ["GLSA-201908-09", "GLSA-201911-08", "GLSA-202003-16", "GLSA-202003-22", "GLSA-202003-27", "GLSA-202003-32", "GLSA-202004-08", "GLSA-202005-09", "GLSA-202006-04", "GLSA-202006-08", "GLSA-202006-16", "GLSA-202007-11", "GLSA-202007-26", "GLSA-202007-39", "GLSA-202007-61", "GLSA-202008-01", "GLSA-202008-08", "GLSA-202008-19", "GLSA-202009-01", "GLSA-202010-04", "GLSA-202010-07", "GLSA-202011-12", "GLSA-202012-04", "GLSA-202012-13", "GLSA-202101-17", "GLSA-202101-20", "GLSA-202101-33"]}, {"type": "github", "idList": ["GHSA-242X-7CM6-4W8J", "GHSA-25XM-HR59-7C27", "GHSA-3VM4-22FP-5RFM", "GHSA-3XH2-74W9-5VXM", "GHSA-5RCV-M4M3-HFH7", "GHSA-7553-JR98-VX47", "GHSA-7RRM-V45F-JP64", "GHSA-C3H9-896R-86JM", "GHSA-FFHG-7MH4-33C4", "GHSA-GPVV-69J7-GWJ8", "GHSA-M6GX-RHVJ-FH52", "GHSA-PV36-H7JH-QM62", "GHSA-Q6GQ-997W-F55G", "GHSA-QXCG-XJJG-66MJ", "GHSA-W73W-5M7G-F7QC", "GHSA-XJQR-G762-PXWP"]}, {"type": "githubexploit", "idList": ["0150448C-5C49-5917-A32B-56B1154BC517", "03BFA6A9-100F-5BAA-9493-6A9C3461A37B", "076B6736-32D3-5F37-8570-7C8B87A7A5D0", "08927CE5-F79F-53B1-A28A-35CF6EB8F941", "0DA1AFFF-82A5-565A-BFA6-8F6A6E52268B", "213BCA43-1160-5637-AA17-A4F7DFA29967", "2622835C-6D71-5CE4-975D-7E6B9E55E50E", "2987A23B-5EFD-5B4A-A951-6D72B13B71A4", "29E9BCA7-54F3-559F-8592-052F7EC902DA", "2A668D83-7F03-5870-A265-BE4B1ABB4F1F", "305FA0E2-CE78-57B6-87B3-EC7BEFDBE2B0", "30C55741-9CBF-523B-B78C-E933DDBAC0A2", "3CC19BC0-B7EC-52D5-805B-9A1077EAA419", "3F0D2FBE-2CDB-5783-906F-F7B71218723E", "41247B1B-2EEF-5EF8-967A-47EBDAA78CA4", "4885CEF9-D05F-5F90-87FD-2C29C6ADAC5D", "4C45914B-E23C-51F5-AC39-A11AF3084185", "4C6E5FA8-A6FA-5A3D-9277-6417A1361407", "4C7FE64B-11CD-5DA3-9F7A-F5ED394FC01B", "5AAFA05E-ABBB-5EB6-968D-71E9154832F0", "5ACF6B43-1E0E-55AE-A3C6-2FFCB8E95A05", "5E86A164-FA62-5822-A034-A558F2C68082", "6404B816-013C-5D30-96E3-EA233A91E9E4", "64FD9C52-1048-5BCE-9134-9228A5B5D896", "65B35104-9A63-5777-B8CD-117BFD564064", "6C4460D8-B721-5912-A303-D746BE6AE918", "6D615941-1400-5F6E-8B84-68AB306EAAD4", "6E74F3AA-DE31-51CF-AFCB-E689CEE7AC4A", "73755D06-C18A-5153-8397-77FD839D02FF", "77013337-4BEA-5530-BC92-0C0BCA2BA0CD", "79C2EF2E-59E5-57EE-B75C-2A757F840418", "7AB13657-1E3A-536C-87B2-C058EBBA92A7", "80CE8226-21F0-5511-969C-AFDE06BF7C2F", "860137A6-8A6A-5B9E-8DA2-9D56B4F7F3BB", "874146AC-B29D-5508-82A6-F689D0A8937E", "87656530-D6BF-59DF-AEAA-94EA936D15DC", "8AB7F240-396E-5E7F-8F3A-483C176C91EE", "8DA5EFBC-B7B3-53DD-9EA5-CE5BF1C786F2", "8E313950-A935-50E7-B3A1-0B42A0403763", "8EF43C83-EFAA-5B36-ADB4-69AC40B5DFEA", "9003FB61-0943-567C-B4D5-674ADC3206E9", "94A16899-4218-55D1-B5CF-2480CDF5331C", "A64B2D10-93F9-5DEB-8FF5-EDD62BD2F346", "AB7F01A0-08AE-56CA-A116-D36B8B48FE8F", "BA454336-99D5-5669-9586-DE4761C4D7E2", "BC98F6B9-CA75-554C-ACA1-30325FC62B0E", "BCD79315-7A3F-5041-9459-7CF1BEB5C6BC", "BD98107A-1F5C-5E0E-BB2B-51DFBAC1D4BA", "BF2EF6C1-6CDB-598E-B8F0-B6803DE02CCE", "C3C9928F-AC84-5B3E-980E-F594CABE8EA3", "C7EFCE12-F44C-5E4A-8D51-D4F6CE4A377D", "CBF3EF2D-3A5B-5110-A374-4A5ADE9AC91A", "CF8077FD-4A28-511E-B1DA-F4F5476C36E6", "D1B13DF4-3B67-5E28-B67E-5CBE9B8C3D1A", "D4B13E09-5713-5A3F-9BD4-6FF6836D56B6", "DC83CAA2-80A2-5618-A8BB-64F21B1308CA", "DDDD3D70-3C6C-5957-B39C-BC7FF579239A", "E089A8D5-F5B9-5354-8F98-7A6A5AD25E95", "F4C155BB-D279-51C9-A988-FF65F4CE76EF", "F8906E65-8ADB-59DB-8A3A-AEEB8FD45719"]}, {"type": "gitlab", "idList": ["GITLAB-0CB5C5994ADBABBE8EFF8058C50B4B9B", "GITLAB-0D82490E586EFE9A8135FB348CC1AD86", "GITLAB-6BE09606720F800C863D5D69D459E60F", "GITLAB-8F1B32BA01379FD4F3C2BD10C978DA9A", "GITLAB-A09C40C419EC540F29571BE33E54126D", "GITLAB-D899879055E0CEE1264C3999920643D5", "GITLAB-EB858D797BA0D79A1C9E57BDA82C8930", "GITLAB-F0100320E4A944927271D944E511880D", "GITLAB-F87F78376FBF3CE972F07B249EED8845"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:37BA7BA880E3167EF2FF653967274013", "GOOGLEPROJECTZERO:7659E73B419D190E6DA39B1523454604", "GOOGLEPROJECTZERO:82BC34EA810EB3C377CA67B9E6698CC2", "GOOGLEPROJECTZERO:91800FF4B3B97E581EBEE3342DED86A5", "GOOGLEPROJECTZERO:A596034F451F58030932B2FC46FB6F38"]}, {"type": "hackerone", "idList": ["H1:1294043", "H1:705420", "H1:724217", "H1:724243", "H1:724253"]}, {"type": "hp", "idList": ["HP:C06961543"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20210310-01-ESCALATION"]}, {"type": "ibm", "idList": ["023AF7CE811F35CB9EA5BD22171F66AA17D83D1B9FF44FF925D320814BAE40E2", "02B60CDC8F4BAD8C01ABE804AE47C51EC8A4809D9204EC61478B6A825FBF607B", "0319E4F01D8C2BB1E1D9CA642942762AB6D0486EE87445E505B6585BF79E6E34", "045B3221FB3BBC39DD70A158CACD0ACC0885A17A6B16F3CCA24E243D79A3DFB4", "05C711ADE626E71EEF208B57EB92611FB65BACFAC2E002E5DCF15BB16E425278", "06E45448DD54AD77E13A3A6CDF85E9A5C15F5881E8F05C1E5D3E72BA73F31BE8", "06FE50BE40FEE3497F0E530101C2633637A1990675C077F16FF2FB5E0F90CCF4", "08139CE06A8A5B4E6DECA1C19593AB1C2B019BD2AB5CC530089313FD991614D7", "0848D11FE6A7FFE3D70FDD1DBC47A7D72FEBAE4AFB8052D4E01853492896AFB0", "09B2AB76F2BDB96C1D80882C003F4EB4F06924E6DBF0BF3818CF83A2F0AF4B47", "0A425AE154320282FF38ABB3C8BA8D3AD10793B88A3CFCA031B295F986453B12", "0AC735C19116A7FB66D9921F93B7D9FF1E6BB4F1F2A9AF8B4AA371BC3E7211BE", "0BF1424660629822F80DB4B18F2F5A52F9E3B3B4A3C6EE2309A4CDE620DC6FFB", "0D15D47821CE302EE87F64871F16E8FAED0DF6B97568D7FF28129A9D318E1F27", "0D8D94D37615F141122AF5B7DDB58B4600A1FDF69704C8533EFBF9A8A767A0BE", "0ECBCAAF17194C060682E1B26E2EF9F8F8DA5EA1DAFDB2E39C320FF040DEBF75", "0EF2B3BEA4403B998499114AE5D3693C840E985B7ECCF95FA6F6834A4F819197", "0F5FDD6A95AE2FAC3D7E3C52034692C15DF4E5754EEFEF130DDA4280D97322F2", "0FF78AF1C487DE3B1A92548681C12BB71F6CB2B0B453E94F828CDEF3248FE0FD", "1022F1A8652F556CC61338952DE52ECA055F8D74B75EE7AF0120EF547C2DEB6E", "11418E60E1822B830D82A048693283E95E67F4E9FDA0F50B96E87F6BD33A1B1A", "11A720D6CEE42BEC7B427E5FEAEDB21B8A8C1404BC4506025147A835335D8344", "1365FE7888A116A99EBAB65176F4A5251D737CE9E5529D91AD8342B0F1464ECB", "13CEF3E699B892EB8EDD7E52729E7EE991B647FA5B215D74BD789F18036E95A9", "147EB4D07985CB7587528D1FBFB02A47595F2094BB3705844F8CDEA4FBC9E359", "14A887E26BDEB476941873D8603CE7056CDC1B2DDE8715BEE33CDC5E12E4CB69", "15DA8B02C0EE18C494CE300BE00470079DE5884E7FABD33120881C0071985E51", "165A8842665EA147BB56D0076E2E99E69879A594B73DFCFDADE53D830C626891", "17ADCC3991EF6418AEE30E045384B4AA787D40524B4DDCFDED54CEFB7330CCB1", "17E2A2234B8EB1A1FD88875B4639DD7977B1A0F62BC6D5F9D6C40BAFB9288E47", "180AC5D7287F51495B95E36020BFF2325D0F58CB7C4B6EA71A4C3D8EEB389808", "18350C8CFDA428FFE8D03D8AF52B480419325DE4650723C8EB99383D1C4F7938", "1914476FD091A15E96610F7BF31547167EE2615FDE4E5D3885C1359FD96241AA", "19BD9444E195601BE99DC098E9C970C68F2E7A0306271E91599BA5B3726DD8AA", "19C76C5B3FDC0D71CECCC0547185F376A4CB3B63C7810C50C2FC2E6DB2DAAB2F", "1A8A5E6AC75FF4A1A546DD1431D4E3A224B13E96434DBC2C5C874D7E73D90553", "1AD1D443A812E31635C257C107A94874F8B4C76399451E955FF84E25916790A9", "1B086DC97C90E0AC70793D2174FE88271D65351E3C6955FB974DACDEE4BC1951", "1B0ED4A3526A4957AFA5966EC1D954AC93826AA8F95F1EF2E8A3A6657E73F691", "1BD589A2EFA871129365AA28211FAACF45DF2612E504EA283F22F4A22491789B", "1C55CAC6F2BA9EA2F9C79FC550F3069099AEBD5976424CD8A7D727271F1DF182", "1D6097D0A6BF254EF69F7263F555AC03F9D2CD91725BDEC46126F199CDCCD2A9", "1DAFFF28AC34C8DA1A937E9644BE4D8E8B813CF125F13D52F12ED92015236660", "1EA624133E58C528924E0A6C2FE51824D105B13A8500852A15C68F473636F333", "1FEA014B0C2FDFA9CD279E4CFD9E200E38418FF00A5DAAACDABABCEF7837D1FC", "20CF2AD2EFF7DE6AD8F93586D48E59262F447700FFF48E5E610099B41CEE05B7", "21BD6A763434CA1620B38210E0327CD6C4015E1CA7712C9CA8940EA7E95870CB", "22FE69B31A10A2D1A4C8753B638EBDDDA55E81977EC4563B990767DDEB64861F", "23E1A8234CB28A1958E6B0921DBFF41F837627FC7FE0AB52E91697295E3B8DA0", "24B1AE073C3E8B032429754E1E35B7D96539587DDA275F7A13183F44D07B88D2", "24D6B6BF7C1929D18570FC4893B61C1863403B6466BEC3BA72BBB217CAF54A1E", "26D8B9BA25346A1142EC41EC455309415D14076E05E1C0FE94BCF3C77CFC130B", "2ACAF7EF965645E3B6441E6A8A68E6FE8B309E3EF7A1558180C489C22189FA2F", "2AFF257223AE58ADD9CEC49EDFE3A397C2BFAFEFD043CE43A15372A475968601", "2B9868CAD288C14AFDF0F5971D15B862C2D321ABB30241C9D87CD9C59FF9BD03", "2E58B569B4DB4763709C8CD7E2753A53378BB27D938664EE87B306305B546DAA", "2FC3793C2B87F698814CA49B784BE0A8758E1AA3556B43FCFA74F2776E8348B2", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "30DC450AABD11109A70A2AFC8BA5DC8E8DEFDC385B32C17C4EE2BE3BF55721AB", "32A552C9D601D5556D9E77A4710C33359E9E59554828DF5DF32E88FA7D8B12FD", "33B4112FD28368E6028E9CA4E2A1EAAE53DC2967388F1AF51A1AD75861041785", "3410A57294243E5BBAFB4C69F17AC837FB02B049396A85D095AF16279272DED9", "34BD53EB31AD88FE6BCD0318A3283205983F8374B4E36C18A2AB87E881443510", "35CAC5896337E626E05E1CD02F2076F56C9DB49D964D1F9CBB92AD13760F199B", "3669E45D7FE2AA83192FF44FAA60FB349B5D39469F2B30F7D69463B2868B4908", "3751D59918B26EEDBAC0FEE1886D1A118A9D2105E993222B09C299A55F5D8424", "3768EF26D10A8D3D80E9253CA1E6D15061699940ABE247E2737191D372036914", "37B1C13D57560AD2D5EFC78D9765E406257D9DEC561AC751A89056CBB0B78CDF", "39A5E220392127BD5655802675A82687B1AAF447E97B3AFDB37A0D3D40AAD3DB", "39DBD59E71221EDCA742E62D147BC16EE4FEF1E0B97BDA4A7B97EA67D92D244C", "3A0EC58D68A9FF044EFDD59A19016C7F96E811E1FC47D2E23F42FDF074B43F35", "3CF3C789E67BC4BED4E00BAB92CFDEBBACDE7238E903B67252519FD7D01B4413", "3D00DF034C82CED588A736B67CB1795B83D89CAE2689402C82D5645CF4A3EF18", "3E1D02DCA860778FBE48F556210298F9AE84F328F20135DBEC6CA3A6CBA76374", "3ED399AF209808B1374AFCAC052B0FB4EB79FD66E665BCF34B20BDBF55F1A844", "3F6F3A7D0E2060BE15E163DF639CBCA1D6926CD91548FE9D0F3D6794F08655F6", "40F707ABD55115B478CED54185235F20DEB70DDBA07799E2525A809AC1C4F1F4", "41DD55069D26FA13088CD8E8D18E8F704C3AADCD95D705EB48D13E576C03B42F", "450C82AC2F6E3A533B01E69DC0E63D2C66CE40B5A93D389930726AD41BA7E373", "482BC7D3851ADE9C874DBCE3E8E5A2A4EB1E5CA3199D458EF27B5944F169839B", "495FDB911AC82E9C2789BC230DA3363EDD3AF8344FD88833AC53A4000FCAC1F6", "4A13A3496FCF6B846B2A1DE1CDC0810F64A5ABAB123B9000E74EC8183260175D", "4A91EBA290B30504A8EF2EE87060FA1D3D5EF2F7A2869B4D9ACCE1C477DA4795", "4B1CC8292359C38012491E71F77F83A299448FBD65A2CE8CCBAD5489139A1035", "4C62280F93124FD0C7C5C20CA30CD4D137F1D0A9E1E35780DCDE98EDBCFD8B1B", "4D821944016FDC395E14D8C2DC172C6934E950F5A979E201F20692FA151224E5", "4E20FF6980EF77F8F7C53E254EBEB9AF129EF6EDA938A5BDE9CFA46C95393000", "4E6353F1062DDEE2F859DA9376A59A0A02E58324E8A0BB460968024ADB369792", "4E7FE0F1E30AF3FEDE3E69121DBC9B8ED2C0931A5F59643DDC7CCF633D093C6D", "505AA9046670EC3A58A3F57E2932EB46B317BDB83A271F3A6627D59B7D958183", "50F054E398D9C2FEC6804DE8873031657002656851BE150871B2800BAA7C2644", "5199A793C798CC1219F9D1C2D8AF0421740FF6B8AB1DE24E6D06BDDE45EB6EE4", "549E7C0F847035771C3248CFF939686D82680412D47CFB4143AD25D71DC7EAB2", "553055C3FBB4B66E0E52E9ED84C317CAD8597E592FD02A4980DEC6315CABD2E7", "568C1946F6948551373693B819E984491EDA4324124EB255F933921898311FAA", "56D5C4D9B33C1F45EC0E3A48B1E1AB84BC4291F8AFD78D9A30A0AC38C27FE216", "56F736C514D801D48076A768942C738445DEA5EC6AD9001D0E68FF2BEA3431CB", "5817362CFEBEC3D97C56F71F58F7BAD39B11D1FC1BE175D82D99141AA79FD8BD", "5834E81AF46691B1D89090AAA05DF8D5F3F6ABF00015A6CCFC60814EADDADCF6", "5846E4523D2D8046CFB0631ED97FAF2F0DD95ED25785DA3D32CE914213332122", "58D56C8D2689944BB7E42143A4197A4D5AE86937E35B03E954812116FCACD6C3", "59440E98F2CEFE3F78FA3C98CEFCEBC4C2F05D2EAC782CF6B2EB1B0F4334D54C", "59DED814D95C4B5C7A44D5086807798A905A8FC4A79786C753E840AC1630DF3E", "5B2548C6541B1859D763161398A2C0411503B1B1DF68AA7E25EE242BF792098C", "5EEF86E68F23C5E3E4A700D875FD52D137A180161C92B0E0F8541AB754241C6D", "5F5D3CEFEA884B6709DBD49D40D3E975A798FDFD2E04275C70BC4CA8663DFC57", "60534107EEBE1FC28BA7B5968A9A0C51CA6E5FDA395D6771A575BA502A8E6DD8", "626A00E3899D66317EFDAF9786CA08DA775CCF50D0DAF458B4B3052E047CA3DF", "631B242F681F4E00FF3934D942BDEFCF0928F76941A9832590D69B2AC292137C", "63617DA52BC3DA586C5288D29FCD365559DCCA7090AEDC93D422E80323F4ABEE", "638BC9B9F1B860264859BBA0AE04F262C584B383B8D229DBFD85404C0046EBA0", "639C73190B605086EB2D50223D328E54DD4260E5D7B4C3A5051FE4D3C795007C", "63D9F729977C031A0651F7FF02871053A06F3575EB3AFAE0E78D3E2806A91736", "64CA83B4AAA0FF268F5AB6411B7FFA8B5E6832BCA6CEC17E2AD91907E9D5A645", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "6592D9252E79D347E3A4FFDDFF016AB701763D108B8568C8DAE4D38C3A52C76A", "679BB8CE3220011CA4B10A26DAE28F57C4AE0FFE11D6960AF99282DDBDCCCC87", "683AA37B653363FD02791BC7A1F7CD150251CE22393F2B9CFA26550B7F995A3A", "6A0CE211061F295D9D98B616DAAADA0A43895F1108ACB08AF6BC99BC646F2753", "6A8FB2890AF2EBFB497D7D6CCC198FF3FF0E22BD184AAB460E05F9B5E0B6A4DF", "6B9D154BCE10DADDC28B259A53CDE7ADF906DBCB05E8EF0696407EACF7A37CB7", "6CB4EF3A076E2190B30084083521AA008A1E2F799850D429F0737446D33988B3", "6DB84825CE622368939AD6FA1E8FE34E02483E9A3A1BB7E8F5FE9849F4FE79E9", "6EB07DD70BEA73F0C7E332D2302423FA026054A61EAEA3F9D1DF395742821CDD", "6F5E7455D08E55E4F9F3DFA8B8B618487EC9BFDDC4FCB87851672633689609AB", "700973DB1C0B5FBE751BA9F1B6AF32C7F25F98D790B93A9C9D2DE61EB734BD58", "71B326DA1818D1C755649BEC7DF6788BEB9DB87F212A5DE7C63619B1FBF2FE69", "72323A87B15F078C393C08C2C6CBC69CF69DA2EEF2BE247F76E5827524377951", "7515461187DFB015988713DF2DBDEA4817C1389377BFCF2A0E37795D61EB76DF", "771FAA911FB346C962FE8AEC5FE758412E1780BA0BE7D75B073E8AAA8B97C467", "77A5CD46FD3C6940EFC34DE8C8AA831927106A12E0E3EAC862A5D46723F4092E", "79B141AAF1C51913A9CB5960F462DFAB85217C7BAD6F6CB8BCD729FACEEEBD51", "7B459927A24ED35F510CAB0005F98F8E144BB239430528EB8EC77F3D0EB1372D", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "7E48E83AB3B599D048D884D2F2A9C830676F7F8EE7EFC2B799BFE4618D5E9A2F", "7EDC7E4A607AC78AB259E545462224179BA0B894DBBE1C19D52406785B960D30", "80DB9F9F74C5BD520FB1DB96783FB5555E836BF210B90BBE4F53895E6BB36B95", "843852EC2A09304BAF011D50823D2BB7A57BAEE948DB98CAB7237978EE291DA6", "85B5E095AD1C5CE340BECC59017F2922C3EFD2DEA1D1E4F06854486150C25770", "87DCB77CF764C7235B6473B289E603F21A1588D5812BC1D3022468CF1C8EF03A", "87F784817DF6050E97DE8698F7CB349CD170961AC5E808DCAD56A3653680C140", "883FEFB91BF4346AE32F85914D99935FA7A52B740E4ED70D7858EEE31F76AC70", "89BE9EE6717FD5FE5CAC882E73D515D8E83F7EB08EF93BE1CF98227C2B6807B1", "8A457D61DB7DDD28057D8BABAC9740B102F0F5B7117015135AFF49BAD8040C46", "8AA8A74B998A763E5B2326DD7A6F264439A0A32324D24C4ACE80AC34233AC1F9", "8CF6A6FE2F39323B5977B7A87F227610F8DCFED21A1A2E55F1C1160FF28EB52E", "8DEC2654592D64F2D867281F416FD4DE6D6CB55A2CF9AFFE8204C63823A299A4", "8DFD7A13AB8158902F79F0D3D8257F88EE240917FAA110AB3884DFF0906C31AB", "931303F9A96ED803993DD1AA9F2188A9DB58F95EBD1845C08786956B699FB7BA", "935D16DF36C800393007E5C108A433F20ED3C2511F590B5AD68460B950CB39BA", "9413B45266B0A1BF4C0F9EFBF289FB6AC5322C48A1E69D09833E6DA257C8CC77", "9639F84E85C1FD3D4C5A89655B415BE95E955B63B48D2B85EF64F81DAC429A11", "976991E08934E137D1B209E3B8F16F97B934322894053709C5863ECE2EB03B78", "979C1C302656B100A9230D67DC5FDA9D31E695FEDE62BEA27566840475B31B1B", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "97DAF9DC379788A0256F1282C0BACE119D9E6A9486647915DB7396CD37EB5480", "981346B4F2948F216BED89C4CD8BE79AD6F63DE1FBA4E88FB16B5600DC4A27C5", "9A04620999F6A5C33EA2D706818867EC5FDA6193AE9CFACF3632E54A7A590B2D", "9AE75CB1A1D3DD100D9064B9CD05456A761753026F2FA396034E23E18AE154DF", "9B2AEF92C0DDCDFD94BCC038631EDBEBE2A32A5B521CA121192D36BB62077E74", "9B7D3514323721C913B7F4B7440815DE71E19E0CE2EFA7FD71FC9C8ECEE2F069", "9CCBD4EB0143B71631C1E82E0870EE2D6F309B261DD6B3D203F2B5E3D1FFE257", "9E63E9416444AA2DF1664209083F4A7A31363BE16B637E0BA27E1FF0733D991A", "9EAED1F5FB3762874ED935AF686A504F1630ADB20AA5EBFAE97EAEEEA4C0DAF8", "A12EA0FCE4EFCAD90DBB12ADA21F4183773C1E167C13B4C91D05F80DF25E0060", "A132B986390AF1F9E72FC2BA2D182292BDE9C04B2252C517AB8A39E9F7A25581", "A166705A6540CA4C7A1C6EAB8E0C3F931B481EAA10B3071A6DEF594636D25819", "A172A905B7D669EE99F386F8EB10EB55D87468FA7338613B6E1E0388A01AD35F", "A21450CA46A13FB7D14123F07EF140C38F3E8D99CAA98E59F1BF8D289483212C", "A435141E9D6894F7CA102FDB03C29288BC56B476D91906B1B0E7FA8301E0D89A", "A48FBFA17576575D0C4186F8C5D2568F5F5BC3CB4B99C62DCBEA7E11187CCCFD", "A682F39065541E5C1712239B2761462972169D4C104E7393AB2199A0478F5C1A", "A8FBCFAD19DE90556439C39FA208E022099B67D9639DF1798058BCAB3279D90E", "AA3B70CE1898210855F90ABED1D1F346DBCD83F5C44D5AC97D28B475B6E14D11", "AC71FB4A6B2FE491A5695E78F749EB79BD9D5A7C171B6A3857946686F8D731A8", "ACADB7968DA0F2B9A699E4A4F017D7CE853EB3898FF48F8C445659980A8E5015", "ACDBABA4BEBC098DA37120100F01E67DFD9D6040A03A389FA5C51B8B867A3D91", "AE3208EEE597DADD8531B516A96ADB9FF4C1017F9E86C776CEC09336A409AEEF", "AED0F240DF3C88F319E3FB42ACD61D16097A82B46ED80B7D90B6C196F011838C", "AF755D0AFFE03556C8B9305D8915C03A01FE89F8467352FDCE443EF53F8AF11B", "B2565B6FD403933075A5010B41D6BBBFC8A77FB43477AAB65D5831F66FC7C366", "B2EB1B0A78976B31AE7FEB79078A0F8E1A1DC8FD8366FABA05AEA647813A50A2", "B2FCE44624F501314D958E4856653642A780A19EFDC1BC430A290CBD59647968", "B37FB96EE4FA4B06328DA641D49120233F6F6FC031E87E5A21A71F34BB882B42", "B5AA883A7ECBB98CC082171970FB0FD2158AEB520B2B654518056D674E2939C5", "B7BA5F69F24A628309DDEB4E2D3F14EFFC76E85846D015C3C74B090A1ADCD851", "B7D409E9A403BA9F7B31027D06EA38DD15E5D87F56D21161B5BA8A2053445315", "B98F811575D2E16065FC8E4C211A8B74BBF4DCEBB02BCE8974D057BDB7A7A3B4", "BA1A0E184888C0EF0CB32C88DB01C0557118D94034B3DF0E37C668638A21EE88", "BC833C23BBEB81DC30F26014A70792A9D0E36E4FB4F6F70D589D1606D3780C58", "BDF8F6272DDC9AFF34CC149E66EE100802632EF6ECBB6A1F85ED4C5AAC63B956", "BDFA432EA62E6EFDD1DA5F84B4EE926C27FCF1125443F9D0EC5005B0FEE74C89", "BDFFEC82B2EDD09B2B9BBF108A0FF2E0545F478096EDDC6BB9309619F66D585B", "BE03DEEA0ADE5D59084C33C973A459F3D566CE77D5851C6D52641D5BF004CAA8", "BEA5EE713AB6C06AFEADA582472FE62DD7145AE387D605D4AFE65D032A4C9860", "BEC896DB9F018B1BCEE2BF9A76C241561F1A1E19105EBD0BF2C340BF4BD503B2", "C09C5C1FD3C60B48E6AFE6C609BF568B8A996E541FEDA06CAD3678833B7435CF", "C0FCC5D279BEFE9806E8A80D16BECA9269D08733514F5E75C230F16777C34421", "C1496EC4045B1D46025659B86814D1D0EF8F5054AB7B5935417CDC9116D1E1FD", "C53E6254F502912E3DC8D9611C5E5F11A2C8641C3A30DEC3263825CAFA718EFB", "C672C39FBBDF2FB7F29F14B836418C34934E05354948A44F41CFDABC3D4150F5", "C926343F69A65947C34E3260FD60159DDF712736C6D160F1C7207E499775DBA8", "CA1E3EFC07D22B2DA86595362931D640F30F757529856481F669DB4619DAD922", "CBCC379563323EBE1812461205257622C05A3C7EB51AEE2176BCFB46533D2159", "CC1A4751363BAF070355299EF4837A7E17D105E504AC93B43A4CACBE41426035", "CDCC12630F70C23AEA9E4FF8A828C907D3B44C51B436CD1353EA714B6351BA53", "CDF395DCA76931626CDB7CC71C6A81A725FA69D7DD15259B58CC23FBAAF0244D", "CE7D5A1D0996FFAC3B1D8B653E0D11581F2B40F4522A074649FEF0017143DE02", "D11A0C2CC15BB8D7B04868F2862A15D1963924B4812649E2D326C9951AF9DCE2", "D288D5ADF67DE9C3743BE8316D7F496F7CA64A396C1E8E9019178232D17AF15D", "D5EE91437C61DB828864546A9877E1F863FE9DDA2D0B0BA7C35A8B9BDD774A7D", "D71F903EC9EE20A4A8C2DCFB2E21D38954D4598BFB4CF4FB467C4DD0050F0624", "D7EB5DD3AB3A8578DCEBB2F2F74987881B0F0892248AAC5FA44D1FFC68A74517", "D90B229400D45E993A19BF20C9C442C49E60342C334CF99F4C9505676AB55F08", "D93D4935148F7F3B13EA6EFB252FC805F8785D44154C48C5441B79CADDEC8988", "D9C440A1478785F45C6AD68BEF4F0EC5784B395DD2BBDDDD3E7C17B748E0A64F", "DB8E4E659E64514548095D982131905FB3A6F5608C5916769B8820AA6A05133D", "DE68CB4CCDCDA81A4F8B50BF2AEFA505CBC436FEDDE86CC77D8CBEEABED5A579", "DED899C681C4F01F658F5349E77058BDF8C51E88FADBC17AC63AAD856B4CADE5", "E07C0C4D82739BCF3EC12790499FE045BA8E517D49D7B04601CDBB95AF91DA23", "E3347BCB529A35601F044748C20F62BDDA272E18F4F99AF1DC1EC2079BD36858", "E437CE503208373777E43450B168FBC3F47811675CA792BE0D00E04433982026", "E455072BD221DBB8B1C58AAE10839300D4B2DB2A7147F02EDADB4E2016749D64", "E4ECCFFCA9F84A8C26E146C7649A9981F3387569BFB70E2FA208F1E76D8E3C5B", "E58FC3F1E698B87258B01B21FF93EC241CCC5B41ED4495D2B3CC4151FDA89BFA", "E6E3BBEB93F580534F273FB25EDFEC0DA2FDA24182C449CDEFF60B30638D69DE", "E71653F6C2EC1FC2D0152239B517F704D43825AC89591A339D710904A59C7ECC", "E729E553D7DEE030B1A83DB69F2510017BB5645C970A5BC20855AF904517097A", "E859CE7E5B23AC8D6E62C2CDCCAA3A02B47C985377E910F4A97BF8E00F88B208", "E8FB04B96E4922EE98A4E39A82665391B5E33FFBD84BF83FC189E8E9D5922FC8", "EBCAE79C78E25C53F68D6476B1A365416013A82CC75BAFBA0C65816EA47B537E", "EBD8B8325AB7A01E8F075FD01B366F1FC18428C2FBBE7B57A1592127D42A0675", "EC583EC959A2A069B275113A4307EA1C258F0306C4E67508A1300BE5A8431AC2", "EF38988A8ADFAFD600C0AFEBC1A1C334BFCA6536F9015788D929A5A8036B9536", "EFB4DC6EE5BB712BE09DD07EDAB29FA29CFB142A858D307E3EBD0A3593DB79BA", "F0AFFAB5446BEF6A6B346CA7237A1583252E55B1EA002352E7DFDFFB5796363C", "F20A2BED35D672B2ED051C5D66431C2C2FDB083C6CB24F89E8F6F58F3A89D69B", "F65CA84A08E9C36EC29E833004E5DFFE891E8D19C9A29C386F6566DF69B03B5B", "FA8947935D7353A8494BB4E9213036F88B784759F33BB661330A2FD4F6E4F874", "FBB7AE67F7891C45508D33A8A90E88C29E0C0B54420BD2A55E9AA9D1927DCB32", "FC73553AD2A105EE66740C14C0933AC41AB9E38FE9977D31F31C0B40B28F3F0A", "FCF30D7ADA54D4AE43D018AEE7C5A4607A5A17AD991F64ABB89758502D022DD9", "FD39A731E3BFE5F8DE4A120F1ED300B4BC52F7B3B3FDDCEE6A7C56B4F2DEB7C3", "FD5481A8FAEA26370800B3C24D5356F2495D324636876B8458455F763A9A8B1E", "FD96260AA7704B98DFDC3705B1491403987980F630CCE59A703A8C39858BD31F", "FDE1BF635D60EE0CA8051E326BCA1EFB7C7E659B969B5B079432E17D2860391E", "FE89F8E2C667D09C2C5C2208AC1E6F9525947B9E4A96A92CFD5C9D80113D73FB", "FEEB22705846872BB83E3BC9FE94522005DBC482F542E59A9C17E7BC4EEDF76A", "FEEDE21D672A39EFCED3DB5A5B53E379443D429F39751E681671299243448D14"]}, {"type": "ics", "idList": ["AA22-117A", "ICSA-21-019-01", "ICSA-21-103-08", "ICSA-21-119-03", "ICSA-21-131-03", "ICSA-21-133-02", "ICSA-21-147-02", "ICSA-21-245-01", "ICSA-21-334-04", "ICSA-21-336-06", "ICSA-22-069-09", "ICSA-22-256-01", "ICSA-23-166-10", "ICSA-23-264-05"]}, {"type": "intel", "idList": ["INTEL:INTEL-SA-00403"]}, {"type": "kaspersky", "idList": ["KLA11579", "KLA11580", "KLA11582", "KLA11588", "KLA11589", "KLA11590", "KLA11591", "KLA11592", "KLA11593", "KLA11602", "KLA11603", "KLA11623", "KLA11624", "KLA11646", "KLA11650", "KLA11651", "KLA11660", "KLA11704", "KLA11705", "KLA11714", "KLA11721", "KLA11753", "KLA11790", "KLA11791", "KLA11926", "KLA11942", "KLA11986", "KLA12007", "KLA12010", "KLA12011", "KLA12012", "KLA12013", "KLA12017", "KLA12311"]}, {"type": "kitploit", "idList": ["KITPLOIT:3974184594574360239", "KITPLOIT:8766743662298222785"]}, {"type": "krebs", "idList": ["KREBS:613A537780BD40A6F8E0047CE8D3E6EC"]}, {"type": "lenovo", "idList": ["LENOVO:PS500375-INTEL-WIRELESS-BLUETOOTH-ADVISORY-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2019-0175", "MGASA-2019-0256", "MGASA-2019-0274", "MGASA-2019-0297", "MGASA-2019-0313", "MGASA-2019-0315", "MGASA-2019-0316", "MGASA-2019-0318", "MGASA-2019-0321", "MGASA-2019-0324", "MGASA-2019-0402", "MGASA-2020-0011", "MGASA-2020-0020", "MGASA-2020-0067", "MGASA-2020-0070", "MGASA-2020-0092", "MGASA-2020-0101", "MGASA-2020-0112", "MGASA-2020-0117", "MGASA-2020-0123", "MGASA-2020-0127", "MGASA-2020-0135", "MGASA-2020-0144", "MGASA-2020-0171", "MGASA-2020-0177", "MGASA-2020-0188", "MGASA-2020-0271", "MGASA-2020-0305", "MGASA-2020-0317", "MGASA-2020-0318", "MGASA-2020-0325", "MGASA-2020-0343", "MGASA-2020-0368", "MGASA-2020-0379", "MGASA-2020-0389", "MGASA-2020-0451", "MGASA-2020-0465", "MGASA-2020-0467", "MGASA-2021-0030", "MGASA-2021-0031", "MGASA-2021-0035", "MGASA-2021-0036", "MGASA-2021-0054", "MGASA-2021-0056", "MGASA-2021-0059", "MGASA-2021-0303", "MGASA-2023-0213"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:40B6CEF3C04EE6E976C145960F0C4FEE", "MALWAREBYTES:663327DFA13BEF28EEE013C568D709A6", "MALWAREBYTES:79956B6DF02C5841171B3AEE17565978"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT-LINUX-LOCAL-SUDO_BARON_SAMEDIT-", "MSF:EXPLOIT-OSX-BROWSER-SAFARI_IN_OPERATOR_SIDE_EFFECT-"]}, {"type": "mozilla", "idList": ["MFSA2019-33", "MFSA2019-34", "MFSA2019-35", "MFSA2020-36", "MFSA2020-39", "MFSA2020-50", "MFSA2020-51", "MFSA2020-52"]}, {"type": "mscve", "idList": ["MS:ADV200002", "MS:CVE-2020-1971"]}, {"type": "nessus", "idList": ["AIX_IJ20783.NASL", "AIX_IJ20784.NASL", "AIX_IJ20785.NASL", "AIX_IJ20786.NASL", "AIX_IJ29229.NASL", "AIX_IJ29230.NASL", "AIX_IJ29231.NASL", "AIX_IJ29232.NASL", "AL2022_ALAS2022-2022-154.NASL", "AL2023_ALAS2023-2023-074.NASL", "AL2_ALAS-2019-1376.NASL", "AL2_ALAS-2020-1387.NASL", "AL2_ALAS-2020-1432.NASL", "AL2_ALAS-2020-1471.NASL", "AL2_ALAS-2020-1479.NASL", "AL2_ALAS-2020-1483.NASL", "AL2_ALAS-2020-1484.NASL", "AL2_ALAS-2020-1494.NASL", "AL2_ALAS-2020-1510.NASL", "AL2_ALAS-2020-1513.NASL", "AL2_ALAS-2020-1534.NASL", "AL2_ALAS-2020-1535.NASL", "AL2_ALAS-2020-1559.NASL", "AL2_ALAS-2020-1563.NASL", "AL2_ALAS-2020-1564.NASL", "AL2_ALAS-2020-1565.NASL", "AL2_ALAS-2020-1566.NASL", "AL2_ALAS-2020-1573.NASL", "AL2_ALAS-2021-1578.NASL", "AL2_ALAS-2021-1587.NASL", "AL2_ALAS-2021-1588.NASL", "AL2_ALAS-2021-1590.NASL", "AL2_ALAS-2021-1639.NASL", "AL2_ALAS-2022-1830.NASL", "AL2_ALAS-2023-1944.NASL", "AL2_ALAS-2023-2119.NASL", "AL2_ALAS-2023-2151.NASL", "AL2_ALAS-2023-2174.NASL", "AL2_ALAS-2023-2221.NASL", "AL2_ALASKERNEL-5_4-2022-018.NASL", "AL2_ALASKERNEL-5_4-2022-019.NASL", "AL2_ALASPYTHON3_8-2023-006.NASL", "AL2_ALASPYTHON3_8-2023-008.NASL", "ALA_ALAS-2019-1241.NASL", "ALA_ALAS-2020-1342.NASL", "ALA_ALAS-2020-1406.NASL", "ALA_ALAS-2020-1407.NASL", "ALA_ALAS-2020-1417.NASL", "ALA_ALAS-2020-1427.NASL", "ALA_ALAS-2020-1428.NASL", "ALA_ALAS-2020-1429.NASL", "ALA_ALAS-2020-1432.NASL", "ALA_ALAS-2020-1436.NASL", "ALA_ALAS-2020-1438.NASL", "ALA_ALAS-2020-1456.NASL", "ALA_ALAS-2020-1457.NASL", "ALA_ALAS-2020-1460.NASL", "ALA_ALAS-2020-1462.NASL", "ALA_ALAS-2020-1464.NASL", "ALA_ALAS-2020-1468.NASL", "ALA_ALAS-2020-1471.NASL", "ALA_ALAS-2021-1457.NASL", "ALA_ALAS-2021-1459.NASL", "ALA_ALAS-2021-1461.NASL", "ALA_ALAS-2021-1463.NASL", "ALA_ALAS-2021-1471.NASL", "ALA_ALAS-2021-1474.NASL", "ALA_ALAS-2021-1477.NASL", "ALA_ALAS-2021-1478.NASL", "ALA_ALAS-2021-1511.NASL", "ALA_ALAS-2021-1522.NASL", "ALA_ALAS-2022-1641.NASL", "ALMA_LINUX_ALSA-2020-4432.NASL", "ALMA_LINUX_ALSA-2020-4433.NASL", "ALMA_LINUX_ALSA-2020-4442.NASL", "ALMA_LINUX_ALSA-2020-4443.NASL", "ALMA_LINUX_ALSA-2020-4451.NASL", "ALMA_LINUX_ALSA-2020-4453.NASL", "ALMA_LINUX_ALSA-2020-4464.NASL", "ALMA_LINUX_ALSA-2020-4465.NASL", "ALMA_LINUX_ALSA-2020-4479.NASL", "ALMA_LINUX_ALSA-2020-4482.NASL", "ALMA_LINUX_ALSA-2020-4484.NASL", "ALMA_LINUX_ALSA-2020-4490.NASL", "ALMA_LINUX_ALSA-2020-4497.NASL", "ALMA_LINUX_ALSA-2020-4508.NASL", "ALMA_LINUX_ALSA-2020-4539.NASL", "ALMA_LINUX_ALSA-2020-4542.NASL", "ALMA_LINUX_ALSA-2020-4545.NASL", "ALMA_LINUX_ALSA-2020-4547.NASL", "ALMA_LINUX_ALSA-2020-4846.NASL", "ALMA_LINUX_ALSA-2020-4952.NASL", "ALMA_LINUX_ALSA-2020-5476.NASL", "ALMA_LINUX_ALSA-2020-5479.NASL", "ALMA_LINUX_ALSA-2020-5483.NASL", "ALMA_LINUX_ALSA-2021-0218.NASL", "ALMA_LINUX_ALSA-2021-0558.NASL", "ALMA_LINUX_ALSA-2021-1968.NASL", "ALMA_LINUX_ALSA-2021-4373.NASL", "AMAZON_CORRETTO_8_242_07_1.NASL", "APPLETV_13_3.NASL", "APPLETV_13_3_1.NASL", "APPLETV_13_4.NASL", "APPLE_IOS_132_CHECK.NBIN", "BIND9_9164_CVE_2020_8619.NASL", "BIND9_9173_CVE-2020-8623.NASL", "BIND9_9174.NASL", "BIND9_9174_CVE-2020-8622.NASL", "CENTOS8_RHSA-2019-3196.NASL", "CENTOS8_RHSA-2019-3237.NASL", "CENTOS8_RHSA-2020-1605.NASL", "CENTOS8_RHSA-2020-3662.NASL", "CENTOS8_RHSA-2020-3665.NASL", "CENTOS8_RHSA-2020-4432.NASL", "CENTOS8_RHSA-2020-4433.NASL", "CENTOS8_RHSA-2020-4442.NASL", "CENTOS8_RHSA-2020-4443.NASL", "CENTOS8_RHSA-2020-4444.NASL", "CENTOS8_RHSA-2020-4451.NASL", "CENTOS8_RHSA-2020-4453.NASL", "CENTOS8_RHSA-2020-4464.NASL", "CENTOS8_RHSA-2020-4465.NASL", "CENTOS8_RHSA-2020-4479.NASL", "CENTOS8_RHSA-2020-4482.NASL", "CENTOS8_RHSA-2020-4484.NASL", "CENTOS8_RHSA-2020-4490.NASL", "CENTOS8_RHSA-2020-4497.NASL", "CENTOS8_RHSA-2020-4508.NASL", "CENTOS8_RHSA-2020-4539.NASL", "CENTOS8_RHSA-2020-4542.NASL", "CENTOS8_RHSA-2020-4545.NASL", "CENTOS8_RHSA-2020-4641.NASL", "CENTOS8_RHSA-2020-4654.NASL", "CENTOS8_RHSA-2020-4694.NASL", "CENTOS8_RHSA-2020-4805.NASL", "CENTOS8_RHSA-2020-4846.NASL", "CENTOS8_RHSA-2020-4952.NASL", "CENTOS8_RHSA-2020-5476.NASL", "CENTOS8_RHSA-2020-5479.NASL", "CENTOS8_RHSA-2020-5483.NASL", "CENTOS8_RHSA-2020-5493.NASL", "CENTOS8_RHSA-2021-0150.NASL", "CENTOS8_RHSA-2021-0218.NASL", "CENTOS8_RHSA-2021-0538.NASL", "CENTOS8_RHSA-2021-1796.NASL", "CENTOS8_RHSA-2021-1968.NASL", "CENTOS_RHSA-2019-3193.NASL", "CENTOS_RHSA-2019-3210.NASL", "CENTOS_RHSA-2019-3756.NASL", "CENTOS_RHSA-2020-3888.NASL", "CENTOS_RHSA-2020-3911.NASL", "CENTOS_RHSA-2020-3952.NASL", "CENTOS_RHSA-2020-3996.NASL", "CENTOS_RHSA-2020-4035.NASL", "CENTOS_RHSA-2020-4076.NASL", "CENTOS_RHSA-2020-4183.NASL", "CENTOS_RHSA-2020-4907.NASL", "CENTOS_RHSA-2020-5009.NASL", "CENTOS_RHSA-2020-5010.NASL", "CENTOS_RHSA-2020-5011.NASL", "CENTOS_RHSA-2020-5566.NASL", "CENTOS_RHSA-2021-0153.NASL", "CENTOS_RHSA-2021-0221.NASL", "CENTOS_RHSA-2021-0339.NASL", "CENTOS_RHSA-2021-0348.NASL", "CENTOS_RHSA-2021-0856.NASL", "CENTOS_RHSA-2022-5234.NASL", "COCKROACHDB_A58932.NASL", "DEBIAN_DLA-1756.NASL", "DEBIAN_DLA-1839.NASL", "DEBIAN_DLA-1931.NASL", "DEBIAN_DLA-1955.NASL", "DEBIAN_DLA-1967.NASL", "DEBIAN_DLA-1973.NASL", "DEBIAN_DLA-1987.NASL", "DEBIAN_DLA-1997.NASL", "DEBIAN_DLA-2044.NASL", "DEBIAN_DLA-2048.NASL", "DEBIAN_DLA-2088.NASL", "DEBIAN_DLA-2280.NASL", "DEBIAN_DLA-2337.NASL", "DEBIAN_DLA-2340.NASL", "DEBIAN_DLA-2355.NASL", "DEBIAN_DLA-2369.NASL", "DEBIAN_DLA-2370.NASL", "DEBIAN_DLA-2388.NASL", "DEBIAN_DLA-2402.NASL", "DEBIAN_DLA-2415.NASL", "DEBIAN_DLA-2453.NASL", "DEBIAN_DLA-2455.NASL", "DEBIAN_DLA-2456.NASL", "DEBIAN_DLA-2459.NASL", "DEBIAN_DLA-2460.NASL", "DEBIAN_DLA-2483.NASL", "DEBIAN_DLA-2492.NASL", "DEBIAN_DLA-2493.NASL", "DEBIAN_DLA-2494.NASL", "DEBIAN_DLA-2520.NASL", "DEBIAN_DLA-2534.NASL", "DEBIAN_DLA-2557.NASL", "DEBIAN_DLA-2586.NASL", "DEBIAN_DLA-2604.NASL", "DEBIAN_DLA-2628.NASL", "DEBIAN_DLA-2645.NASL", "DEBIAN_DLA-2850.NASL", "DEBIAN_DLA-2876.NASL", "DEBIAN_DLA-2987.NASL", "DEBIAN_DLA-3152.NASL", "DEBIAN_DLA-3202.NASL", "DEBIAN_DLA-3214.NASL", "DEBIAN_DLA-3327.NASL", "DEBIAN_DLA-3363.NASL", "DEBIAN_DLA-3420.NASL", "DEBIAN_DLA-3424.NASL", "DEBIAN_DLA-3432.NASL", "DEBIAN_DLA-3437.NASL", "DEBIAN_DLA-3455.NASL", "DEBIAN_DSA-4472.NASL", "DEBIAN_DSA-4530.NASL", "DEBIAN_DSA-4547.NASL", "DEBIAN_DSA-4549.NASL", "DEBIAN_DSA-4558.NASL", "DEBIAN_DSA-4563.NASL", "DEBIAN_DSA-4571.NASL", "DEBIAN_DSA-4591.NASL", "DEBIAN_DSA-4610.NASL", "DEBIAN_DSA-4627.NASL", "DEBIAN_DSA-4638.NASL", "DEBIAN_DSA-4641.NASL", "DEBIAN_DSA-4658.NASL", "DEBIAN_DSA-4681.NASL", "DEBIAN_DSA-4724.NASL", "DEBIAN_DSA-4739.NASL", "DEBIAN_DSA-4752.NASL", "DEBIAN_DSA-4777.NASL", "DEBIAN_DSA-4807.NASL", "DEBIAN_DSA-4824.NASL", "DEBIAN_DSA-4839.NASL", "DEBIAN_DSA-4843.NASL", "DEBIAN_DSA-4844.NASL", "DEBIAN_DSA-4848.NASL", "DNSMASQ_2_83.NASL", "EULEROS_SA-2019-1317.NASL", "EULEROS_SA-2019-1318.NASL", "EULEROS_SA-2019-1592.NASL", "EULEROS_SA-2019-1606.NASL", "EULEROS_SA-2019-1625.NASL", "EULEROS_SA-2019-1758.NASL", "EULEROS_SA-2019-1783.NASL", "EULEROS_SA-2019-1841.NASL", "EULEROS_SA-2019-1935.NASL", "EULEROS_SA-2019-2063.NASL", "EULEROS_SA-2019-2103.NASL", "EULEROS_SA-2019-2107.NASL", "EULEROS_SA-2019-2114.NASL", "EULEROS_SA-2019-2115.NASL", "EULEROS_SA-2019-2119.NASL", "EULEROS_SA-2019-2145.NASL", "EULEROS_SA-2019-2225.NASL", "EULEROS_SA-2019-2256.NASL", "EULEROS_SA-2019-2276.NASL", "EULEROS_SA-2019-2286.NASL", "EULEROS_SA-2019-2290.NASL", "EULEROS_SA-2019-2305.NASL", "EULEROS_SA-2019-2433.NASL", "EULEROS_SA-2019-2442.NASL", "EULEROS_SA-2019-2456.NASL", "EULEROS_SA-2019-2519.NASL", "EULEROS_SA-2019-2541.NASL", "EULEROS_SA-2019-2551.NASL", "EULEROS_SA-2019-2612.NASL", "EULEROS_SA-2019-2627.NASL", "EULEROS_SA-2019-2653.NASL", "EULEROS_SA-2019-2703.NASL", "EULEROS_SA-2019-2712.NASL", "EULEROS_SA-2020-1044.NASL", "EULEROS_SA-2020-1048.NASL", "EULEROS_SA-2020-1050.NASL", "EULEROS_SA-2020-1072.NASL", "EULEROS_SA-2020-1074.NASL", "EULEROS_SA-2020-1075.NASL", "EULEROS_SA-2020-1079.NASL", "EULEROS_SA-2020-1082.NASL", "EULEROS_SA-2020-1085.NASL", "EULEROS_SA-2020-1117.NASL", "EULEROS_SA-2020-1132.NASL", "EULEROS_SA-2020-1145.NASL", "EULEROS_SA-2020-1153.NASL", "EULEROS_SA-2020-1159.NASL", "EULEROS_SA-2020-1164.NASL", "EULEROS_SA-2020-1165.NASL", "EULEROS_SA-2020-1180.NASL", "EULEROS_SA-2020-1212.NASL", "EULEROS_SA-2020-1215.NASL", "EULEROS_SA-2020-1217.NASL", "EULEROS_SA-2020-1249.NASL", "EULEROS_SA-2020-1275.NASL", "EULEROS_SA-2020-1288.NASL", "EULEROS_SA-2020-1295.NASL", "EULEROS_SA-2020-1296.NASL", "EULEROS_SA-2020-1300.NASL", "EULEROS_SA-2020-1310.NASL", "EULEROS_SA-2020-1321.NASL", "EULEROS_SA-2020-1332.NASL", "EULEROS_SA-2020-1336.NASL", "EULEROS_SA-2020-1344.NASL", "EULEROS_SA-2020-1346.NASL", "EULEROS_SA-2020-1358.NASL", "EULEROS_SA-2020-1362.NASL", "EULEROS_SA-2020-1364.NASL", "EULEROS_SA-2020-1369.NASL", "EULEROS_SA-2020-1377.NASL", "EULEROS_SA-2020-1405.NASL", "EULEROS_SA-2020-1408.NASL", "EULEROS_SA-2020-1427.NASL", "EULEROS_SA-2020-1434.NASL", "EULEROS_SA-2020-1437.NASL", "EULEROS_SA-2020-1442.NASL", "EULEROS_SA-2020-1445.NASL", "EULEROS_SA-2020-1472.NASL", "EULEROS_SA-2020-1474.NASL", "EULEROS_SA-2020-1487.NASL", "EULEROS_SA-2020-1509.NASL", "EULEROS_SA-2020-1510.NASL", "EULEROS_SA-2020-1514.NASL", "EULEROS_SA-2020-1516.NASL", "EULEROS_SA-2020-1533.NASL", "EULEROS_SA-2020-1558.NASL", "EULEROS_SA-2020-1562.NASL", "EULEROS_SA-2020-1569.NASL", "EULEROS_SA-2020-1574.NASL", "EULEROS_SA-2020-1579.NASL", "EULEROS_SA-2020-1599.NASL", "EULEROS_SA-2020-1607.NASL", "EULEROS_SA-2020-1623.NASL", "EULEROS_SA-2020-1624.NASL", "EULEROS_SA-2020-1631.NASL", "EULEROS_SA-2020-1646.NASL", "EULEROS_SA-2020-1667.NASL", "EULEROS_SA-2020-1670.NASL", "EULEROS_SA-2020-1689.NASL", "EULEROS_SA-2020-1693.NASL", "EULEROS_SA-2020-1697.NASL", "EULEROS_SA-2020-1699.NASL", "EULEROS_SA-2020-1702.NASL", "EULEROS_SA-2020-1712.NASL", "EULEROS_SA-2020-1764.NASL", "EULEROS_SA-2020-1768.NASL", "EULEROS_SA-2020-1779.NASL", "EULEROS_SA-2020-1791.NASL", "EULEROS_SA-2020-1804.NASL", "EULEROS_SA-2020-1822.NASL", "EULEROS_SA-2020-1823.NASL", "EULEROS_SA-2020-1827.NASL", "EULEROS_SA-2020-1836.NASL", "EULEROS_SA-2020-1852.NASL", "EULEROS_SA-2020-1887.NASL", "EULEROS_SA-2020-1900.NASL", "EULEROS_SA-2020-1902.NASL", "EULEROS_SA-2020-1934.NASL", "EULEROS_SA-2020-1951.NASL", "EULEROS_SA-2020-1956.NASL", "EULEROS_SA-2020-1957.NASL", "EULEROS_SA-2020-2001.NASL", "EULEROS_SA-2020-2017.NASL", "EULEROS_SA-2020-2063.NASL", "EULEROS_SA-2020-2078.NASL", "EULEROS_SA-2020-2095.NASL", "EULEROS_SA-2020-2101.NASL", "EULEROS_SA-2020-2131.NASL", "EULEROS_SA-2020-2134.NASL", "EULEROS_SA-2020-2161.NASL", "EULEROS_SA-2020-2162.NASL", "EULEROS_SA-2020-2197.NASL", "EULEROS_SA-2020-2228.NASL", "EULEROS_SA-2020-2231.NASL", "EULEROS_SA-2020-2247.NASL", "EULEROS_SA-2020-2264.NASL", "EULEROS_SA-2020-2265.NASL", "EULEROS_SA-2020-2278.NASL", "EULEROS_SA-2020-2281.NASL", "EULEROS_SA-2020-2310.NASL", "EULEROS_SA-2020-2311.NASL", "EULEROS_SA-2020-2319.NASL", "EULEROS_SA-2020-2329.NASL", "EULEROS_SA-2020-2354.NASL", "EULEROS_SA-2020-2388.NASL", "EULEROS_SA-2020-2404.NASL", "EULEROS_SA-2020-2409.NASL", "EULEROS_SA-2020-2420.NASL", "EULEROS_SA-2020-2427.NASL", "EULEROS_SA-2020-2438.NASL", "EULEROS_SA-2020-2455.NASL", "EULEROS_SA-2020-2471.NASL", "EULEROS_SA-2020-2472.NASL", "EULEROS_SA-2020-2479.NASL", "EULEROS_SA-2020-2481.NASL", "EULEROS_SA-2020-2483.NASL", "EULEROS_SA-2020-2487.NASL", "EULEROS_SA-2020-2490.NASL", "EULEROS_SA-2020-2494.NASL", "EULEROS_SA-2020-2496.NASL", "EULEROS_SA-2020-2500.NASL", "EULEROS_SA-2020-2503.NASL", "EULEROS_SA-2020-2510.NASL", "EULEROS_SA-2020-2514.NASL", "EULEROS_SA-2020-2523.NASL", "EULEROS_SA-2020-2573.NASL", "EULEROS_SA-2021-1001.NASL", "EULEROS_SA-2021-1009.NASL", "EULEROS_SA-2021-1014.NASL", "EULEROS_SA-2021-1020.NASL", "EULEROS_SA-2021-1028.NASL", "EULEROS_SA-2021-1033.NASL", "EULEROS_SA-2021-1039.NASL", "EULEROS_SA-2021-1059.NASL", "EULEROS_SA-2021-1073.NASL", "EULEROS_SA-2021-1079.NASL", "EULEROS_SA-2021-1104.NASL", "EULEROS_SA-2021-1115.NASL", "EULEROS_SA-2021-1134.NASL", "EULEROS_SA-2021-1138.NASL", "EULEROS_SA-2021-1148.NASL", "EULEROS_SA-2021-1160.NASL", "EULEROS_SA-2021-1173.NASL", "EULEROS_SA-2021-1200.NASL", "EULEROS_SA-2021-1242.NASL", "EULEROS_SA-2021-1244.NASL", "EULEROS_SA-2021-1257.NASL", "EULEROS_SA-2021-1261.NASL", "EULEROS_SA-2021-1263.NASL", "EULEROS_SA-2021-1265.NASL", "EULEROS_SA-2021-1276.NASL", "EULEROS_SA-2021-1281.NASL", "EULEROS_SA-2021-1282.NASL", "EULEROS_SA-2021-1288.NASL", "EULEROS_SA-2021-1311.NASL", "EULEROS_SA-2021-1338.NASL", "EULEROS_SA-2021-1339.NASL", "EULEROS_SA-2021-1366.NASL", "EULEROS_SA-2021-1374.NASL", "EULEROS_SA-2021-1375.NASL", "EULEROS_SA-2021-1376.NASL", "EULEROS_SA-2021-1386.NASL", "EULEROS_SA-2021-1388.NASL", "EULEROS_SA-2021-1389.NASL", "EULEROS_SA-2021-1390.NASL", "EULEROS_SA-2021-1408.NASL", "EULEROS_SA-2021-1411.NASL", "EULEROS_SA-2021-1418.NASL", "EULEROS_SA-2021-1424.NASL", "EULEROS_SA-2021-1454.NASL", "EULEROS_SA-2021-1458.NASL", "EULEROS_SA-2021-1459.NASL", "EULEROS_SA-2021-1468.NASL", "EULEROS_SA-2021-1469.NASL", "EULEROS_SA-2021-1505.NASL", "EULEROS_SA-2021-1520.NASL", "EULEROS_SA-2021-1532.NASL", "EULEROS_SA-2021-1536.NASL", "EULEROS_SA-2021-1549.NASL", "EULEROS_SA-2021-1551.NASL", "EULEROS_SA-2021-1572.NASL", "EULEROS_SA-2021-1575.NASL", "EULEROS_SA-2021-1582.NASL", "EULEROS_SA-2021-1585.NASL", "EULEROS_SA-2021-1589.NASL", "EULEROS_SA-2021-1594.NASL", "EULEROS_SA-2021-1598.NASL", "EULEROS_SA-2021-1604.NASL", "EULEROS_SA-2021-1615.NASL", "EULEROS_SA-2021-1619.NASL", "EULEROS_SA-2021-1623.NASL", "EULEROS_SA-2021-1624.NASL", "EULEROS_SA-2021-1630.NASL", "EULEROS_SA-2021-1633.NASL", "EULEROS_SA-2021-1637.NASL", "EULEROS_SA-2021-1640.NASL", "EULEROS_SA-2021-1642.NASL", "EULEROS_SA-2021-1647.NASL", "EULEROS_SA-2021-1648.NASL", "EULEROS_SA-2021-1652.NASL", "EULEROS_SA-2021-1656.NASL", "EULEROS_SA-2021-1668.NASL", "EULEROS_SA-2021-1669.NASL", "EULEROS_SA-2021-1670.NASL", "EULEROS_SA-2021-1673.NASL", "EULEROS_SA-2021-1684.NASL", "EULEROS_SA-2021-1695.NASL", "EULEROS_SA-2021-1696.NASL", "EULEROS_SA-2021-1707.NASL", "EULEROS_SA-2021-1725.NASL", "EULEROS_SA-2021-1733.NASL", "EULEROS_SA-2021-1739.NASL", "EULEROS_SA-2021-1751.NASL", "EULEROS_SA-2021-1758.NASL", "EULEROS_SA-2021-1767.NASL", "EULEROS_SA-2021-1775.NASL", "EULEROS_SA-2021-2081.NASL", "EULEROS_SA-2021-2092.NASL", "EULEROS_SA-2021-2127.NASL", "EULEROS_SA-2021-2128.NASL", "EULEROS_SA-2021-2134.NASL", "EULEROS_SA-2021-2140.NASL", "EULEROS_SA-2021-2154.NASL", "EULEROS_SA-2021-2159.NASL", "EULEROS_SA-2021-2170.NASL", "EULEROS_SA-2021-2313.NASL", "EULEROS_SA-2021-2542.NASL", "EULEROS_SA-2021-2566.NASL", "EULEROS_SA-2021-2758.NASL", "EULEROS_SA-2021-2785.NASL", "EULEROS_SA-2022-2740.NASL", "EULEROS_SA-2022-2775.NASL", "EULEROS_SA-2022-2826.NASL", "EULEROS_SA-2022-2828.NASL", "EULEROS_SA-2022-2851.NASL", "EULEROS_SA-2022-2854.NASL", "EULEROS_SA-2023-1150.NASL", "EULEROS_SA-2023-1152.NASL", "EULEROS_SA-2023-1171.NASL", "EULEROS_SA-2023-1173.NASL", "EULEROS_SA-2023-1201.NASL", "EULEROS_SA-2023-1231.NASL", "EULEROS_SA-2023-1244.NASL", "EULEROS_SA-2023-1714.NASL", "EULEROS_SA-2023-2175.NASL", "EULEROS_SA-2023-2444.NASL", "F5_BIGIP_SOL02663161.NASL", "F5_BIGIP_SOL04367730.NASL", "F5_BIGIP_SOL05295469.NASL", "F5_BIGIP_SOL05295501.NASL", "F5_BIGIP_SOL09604370.NASL", "F5_BIGIP_SOL10812540.NASL", "F5_BIGIP_SOL19807532.NASL", "F5_BIGIP_SOL30444545.NASL", "F5_BIGIP_SOL38481791.NASL", "F5_BIGIP_SOL42910051.NASL", "F5_BIGIP_SOL44551633.NASL", "F5_BIGIP_SOL49921213.NASL", "F5_BIGIP_SOL51011533.NASL", "F5_BIGIP_SOL56551263.NASL", "F5_BIGIP_SOL78284681.NASL", "F5_BIGIP_SOL82252291.NASL", "F5_BIGIP_SOL91090139.NASL", "FEDORA_2019-0D3FCAE639.NASL", "FEDORA_2019-139FCDA84D.NASL", "FEDORA_2019-18868E1715.NASL", "FEDORA_2019-2F259A6C0A.NASL", "FEDORA_2019-320D5295FC.NASL", "FEDORA_2019-4213E37211.NASL", "FEDORA_2019-46B6BD2459.NASL", "FEDORA_2019-4FE461079F.NASL", "FEDORA_2019-57462FA10D.NASL", "FEDORA_2019-613EDFE68B.NASL", "FEDORA_2019-672AE0F060.NASL", "FEDORA_2019-6DB0D5B9D9.NASL", "FEDORA_2019-74BA24605E.NASL", "FEDORA_2019-758824A3FF.NASL", "FEDORA_2019-7EC5BB5D22.NASL", "FEDORA_2019-85D92DF70F.NASL", "FEDORA_2019-8B0AD69829.NASL", "FEDORA_2019-9505C6B555.NASL", "FEDORA_2019-99DB7A510E.NASL", "FEDORA_2019-A268BA7B23.NASL", "FEDORA_2019-B06EC6159B.NASL", "FEDORA_2019-B1636E0B70.NASL", "FEDORA_2019-B92CE3144A.NASL", "FEDORA_2019-D06BC63433.NASL", "FEDORA_2019-D202CDA4F8.NASL", "FEDORA_2019-E21C77FFAE.NASL", "FEDORA_2019-E74D639587.NASL", "FEDORA_2019-EAA681D33E.NASL", "FEDORA_2019-FA0C4B0674.NASL", "FEDORA_2020-0477F8840E.NASL", "FEDORA_2020-07F0A49A9E.NASL", "FEDORA_2020-0AB6656303.NASL", "FEDORA_2020-0C71C00AF4.NASL", "FEDORA_2020-11B0F45883.NASL", "FEDORA_2020-14C194E5AF.NASL", "FEDORA_2020-1DDD5273D6.NASL", "FEDORA_2020-244EFC27AF.NASL", "FEDORA_2020-24B936A870.NASL", "FEDORA_2020-3269917C2F.NASL", "FEDORA_2020-39E0B8BD14.NASL", "FEDORA_2020-41FE1680F6.NASL", "FEDORA_2020-426FD04FD0.NASL", "FEDORA_2020-481C7E285D.NASL", "FEDORA_2020-4832F2BD62.NASL", "FEDORA_2020-4D11D35A1F.NASL", "FEDORA_2020-4F4C778096.NASL", "FEDORA_2020-54A91444FF.NASL", "FEDORA_2020-5A77F0D68F.NASL", "FEDORA_2020-5ED5AF6275.NASL", "FEDORA_2020-5F8DA4B260.NASL", "FEDORA_2020-6299161E89.NASL", "FEDORA_2020-6A88DAD4A0.NASL", "FEDORA_2020-6B35849EDD.NASL", "FEDORA_2020-705C6EA5BE.NASL", "FEDORA_2020-768B1690F8.NASL", "FEDORA_2020-7F34D2CFD8.NASL", "FEDORA_2020-7F625C5EA8.NASL", "FEDORA_2020-826B24C329.NASL", "FEDORA_2020-864922E78A.NASL", "FEDORA_2020-87C0A0A52D.NASL", "FEDORA_2020-8BDD3FD7A4.NASL", "FEDORA_2020-965E406543.NASL", "FEDORA_2020-97D775E649.NASL", "FEDORA_2020-97E849CE46.NASL", "FEDORA_2020-982B2950DB.NASL", "FEDORA_2020-98E0F0F11B.NASL", "FEDORA_2020-9CD1204BA0.NASL", "FEDORA_2020-A02B7A0F21.NASL", "FEDORA_2020-A31B01E945.NASL", "FEDORA_2020-A496A39B00.NASL", "FEDORA_2020-A55F130272.NASL", "FEDORA_2020-AAB24D3714.NASL", "FEDORA_2020-AB074C6CDF.NASL", "FEDORA_2020-B11CF352BD.NASL", "FEDORA_2020-B190375A37.NASL", "FEDORA_2020-B513391CA8.NASL", "FEDORA_2020-B732958765.NASL", "FEDORA_2020-BB919E575E.NASL", "FEDORA_2020-BC0CC81A7A.NASL", "FEDORA_2020-BD170E803F.NASL", "FEDORA_2020-BF829F9A84.NASL", "FEDORA_2020-C3B07CC5C9.NASL", "FEDORA_2020-C539BABB0A.NASL", "FEDORA_2020-C6FA12CFB1.NASL", "FEDORA_2020-D2736EE493.NASL", "FEDORA_2020-D30881C970.NASL", "FEDORA_2020-D75360E2B0.NASL", "FEDORA_2020-D808FDD597.NASL", "FEDORA_2020-DEFF052E7A.NASL", "FEDORA_2020-DFB11916CC.NASL", "FEDORA_2020-E384830A0D.NASL", "FEDORA_2020-E9251DE272.NASL", "FEDORA_2020-E971480183.NASL", "FEDORA_2020-EA5BDBCC90.NASL", "FEDORA_2020-ED284FD64B.NASL", "FEDORA_2020-EF1870065A.NASL", "FEDORA_2020-EFB908B6A8.NASL", "FEDORA_2020-F11A905FC2.NASL", "FEDORA_2020-F25793AAC4.NASL", "FEDORA_2020-F3FA778924.NASL", "FEDORA_2020-F407DB0E65.NASL", "FEDORA_2020-F421EEA477.NASL", "FEDORA_2020-F6271D7AFA.NASL", "FEDORA_2021-2CB63D912A.NASL", "FEDORA_2021-2E4C3D5A9D.NASL", "FEDORA_2021-84440E87BA.NASL", "FEDORA_2021-8840CBDCCD.NASL", "FEDORA_2021-FB466FB623.NASL", "FREEBSD_PKG_08B553ED537A11EBBE6E0022489AD614.NASL", "FREEBSD_PKG_1CB0AF4ED6414F999432297A89447A97.NASL", "FREEBSD_PKG_1D56CFC5397011EB929DD4C9EF517024.NASL", "FREEBSD_PKG_1E7FA41BF6CA4FE8BD460E176B42B14F.NASL", "FREEBSD_PKG_2272E6F1F02911EA838A0011D823EEBD.NASL", "FREEBSD_PKG_2CB21232FB3211EAA929A4BF014BF5F7.NASL", "FREEBSD_PKG_33C05D57BF6E11EABA1E0800273F78D3.NASL", "FREEBSD_PKG_36B905AD7FBB11E98A5FC85B76CE9B5A.NASL", "FREEBSD_PKG_3D7DFD63823B11EAB3A8240A644DD835.NASL", "FREEBSD_PKG_3E748551C73245F6BD88928DA16F23A8.NASL", "FREEBSD_PKG_3FCB70A4E22D11EA98B2080027846A02.NASL", "FREEBSD_PKG_458DF97F144011EBAAECE0D55E2A8BF9.NASL", "FREEBSD_PKG_56BA4513A1BE11EB9072D4C9EF517024.NASL", "FREEBSD_PKG_5B5CF6E55B5111EB95AC7F9491278677.NASL", "FREEBSD_PKG_92243B6A57754AEA8727A938058DF5BA.NASL", "FREEBSD_PKG_93167BEF975211E9B61CB885849DED8E.NASL", "FREEBSD_PKG_9B7491FBF25311E9A50C000C29C4DC65.NASL", "FREEBSD_PKG_A27B0BB684FC11EAB5B4641C67A117D8.NASL", "FREEBSD_PKG_A80C6273988C11EC83AC080027415D17.NASL", "FREEBSD_PKG_BC7AFF8CD80611EAA5AA0800272260E5.NASL", "FREEBSD_PKG_C4AC9C79AB3711EA8B5EB42E99A1B9C3.NASL", "FREEBSD_PKG_C7855866C51111EBAE1DB42E991FC52E.NASL", "FREEBSD_PKG_C9C6C2F8CD5411E9AF89080027EF1A23.NASL", "FREEBSD_PKG_DB4B2F27252A11EB865C00155D646400.NASL", "FREEBSD_PKG_DC8CFF4C406311EA8A943497F6939FDD.NASL", "FREEBSD_PKG_E418B8F09ABB420BA7F11D8231B352E2.NASL", "FREEBSD_PKG_E84831158B8E11EABDCF001B217B3468.NASL", "FREEBSD_PKG_EFD03116C2A911EA82BCB42E99A1B9C3.NASL", "FREEBSD_PKG_F00D1873B13811EA8659901B0EF719AB.NASL", "FREEBSD_PKG_F3CF4B33601311EB9A0E206A8A720317.NASL", "FREEBSD_PKG_F4722927137511EB87113065EC8FD3EC.NASL", "FREEBSD_PKG_F5ABAFC0FCF611EA8758E0D55E2A8BF9.NASL", "GENTOO_GLSA-201908-09.NASL", "GENTOO_GLSA-201911-08.NASL", "GENTOO_GLSA-202003-16.NASL", "GENTOO_GLSA-202003-22.NASL", "GENTOO_GLSA-202003-27.NASL", "GENTOO_GLSA-202003-32.NASL", "GENTOO_GLSA-202004-08.NASL", "GENTOO_GLSA-202005-09.NASL", "GENTOO_GLSA-202006-04.NASL", "GENTOO_GLSA-202006-08.NASL", "GENTOO_GLSA-202006-16.NASL", "GENTOO_GLSA-202007-11.NASL", "GENTOO_GLSA-202007-26.NASL", "GENTOO_GLSA-202007-39.NASL", "GENTOO_GLSA-202007-61.NASL", "GENTOO_GLSA-202008-01.NASL", "GENTOO_GLSA-202008-08.NASL", "GENTOO_GLSA-202008-19.NASL", "GENTOO_GLSA-202009-01.NASL", "GENTOO_GLSA-202010-04.NASL", "GENTOO_GLSA-202010-07.NASL", "GENTOO_GLSA-202011-12.NASL", "GENTOO_GLSA-202012-04.NASL", "GENTOO_GLSA-202012-13.NASL", "GENTOO_GLSA-202101-17.NASL", "GENTOO_GLSA-202101-20.NASL", "GENTOO_GLSA-202101-33.NASL", "GOOGLE_CHROME_78_0_3904_70.NASL", "GOOGLE_CHROME_80_0_3987_87.NASL", "GOOGLE_CHROME_86_0_4240_111.NASL", "IBM_HTTP_SERVER_964768.NASL", "ICLOUD_10_8.NASL", "ICLOUD_10_9.NASL", "ICLOUD_10_9_2.NASL", "ICLOUD_10_9_3.NASL", "ICLOUD_7_15.NASL", "ICLOUD_7_16.NASL", "ICLOUD_7_17.NASL", "ICLOUD_7_18.NASL", "ITUNES_12_10_2.NASL", "ITUNES_12_10_3.NASL", "ITUNES_12_10_3_BANNER.NASL", "ITUNES_12_10_4.NASL", "ITUNES_12_10_4_BANNER.NASL", "ITUNES_12_10_5.NASL", "ITUNES_12_10_5_BANNER.NASL", "JFROG_ARTIFACTORY_6_23_0.NASL", "JFROG_ARTIFACTORY_7_10_1.NASL", "JUNIPER_JSA69705.NASL", "JUNIPER_JSA69715.NASL", "LCE_6_0_9.NASL", "LINUX_CVE-2021-3156.NBIN", "MACOSX_GOOGLE_CHROME_78_0_3904_70.NASL", "MACOSX_GOOGLE_CHROME_80_0_3987_87.NASL", "MACOSX_GOOGLE_CHROME_86_0_4240_111.NASL", "MACOS_FIREFOX_68_2_ESR.NASL", "MACOS_FIREFOX_70_0.NASL", "MACOS_FIREFOX_78_5_ESR.NASL", "MACOS_FIREFOX_80_0.NASL", "MACOS_FIREFOX_83_0.NASL", "MACOS_HT210634.NASL", "MACOS_HT210788.NASL", "MACOS_HT211289.NASL", "MACOS_HT211931.NASL", "MACOS_HT212177.NASL", "MACOS_THUNDERBIRD_68_2.NASL", "MACOS_THUNDERBIRD_78_5.NASL", "MARINER_NSS_CVE-2020-12403.NASL", "MICROSOFT_EDGE_CHROMIUM_80_0_361_48.NASL", "MICROSOFT_EDGE_CHROMIUM_86_0_622_51.NASL", "MOZILLA_FIREFOX_68_2_ESR.NASL", "MOZILLA_FIREFOX_70_0.NASL", "MOZILLA_FIREFOX_78_5_ESR.NASL", "MOZILLA_FIREFOX_80_0.NASL", "MOZILLA_FIREFOX_83_0.NASL", "MOZILLA_THUNDERBIRD_68_2.NASL", "MOZILLA_THUNDERBIRD_78_5.NASL", "MYSQL_5_7_33.NASL", "MYSQL_8_0_19.NASL", "MYSQL_8_0_23.NASL", "NESSUS_TNS_2021_11.NASL", "NEWSTART_CGSL_NS-SA-2019-0215_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2019-0260_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2020-0002_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2020-0003_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2020-0022_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2021-0001_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0002_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2021-0003_BIND.NASL", "NEWSTART_CGSL_NS-SA-2021-0013_FREETYPE.NASL", "NEWSTART_CGSL_NS-SA-2021-0015_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2021-0016_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0017_BIND.NASL", "NEWSTART_CGSL_NS-SA-2021-0019_NSS.NASL", "NEWSTART_CGSL_NS-SA-2021-0020_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0026_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2021-0027_LIBXSLT.NASL", "NEWSTART_CGSL_NS-SA-2021-0029_PYTHON3.NASL", "NEWSTART_CGSL_NS-SA-2021-0032_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0041_WEBKITGTK4.NASL", "NEWSTART_CGSL_NS-SA-2021-0053_GLIBC.NASL", "NEWSTART_CGSL_NS-SA-2021-0058_EDK2.NASL", "NEWSTART_CGSL_NS-SA-2021-0059_PYTHON3.NASL", "NEWSTART_CGSL_NS-SA-2021-0059_WEBKIT2GTK3.NASL", "NEWSTART_CGSL_NS-SA-2021-0060_LIBSOLV.NASL", "NEWSTART_CGSL_NS-SA-2021-0061_FREETYPE.NASL", "NEWSTART_CGSL_NS-SA-2021-0061_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0063_LIBRAW.NASL", "NEWSTART_CGSL_NS-SA-2021-0064_BIND.NASL", "NEWSTART_CGSL_NS-SA-2021-0064_SQLITE.NASL", "NEWSTART_CGSL_NS-SA-2021-0069_GLIBC.NASL", "NEWSTART_CGSL_NS-SA-2021-0069_LIBSSH.NASL", "NEWSTART_CGSL_NS-SA-2021-0070_PCRE2.NASL", "NEWSTART_CGSL_NS-SA-2021-0071_CYRUS-SASL.NASL", "NEWSTART_CGSL_NS-SA-2021-0071_LIBGCRYPT.NASL", "NEWSTART_CGSL_NS-SA-2021-0074_GNUTLS.NASL", "NEWSTART_CGSL_NS-SA-2021-0074_VIM.NASL", "NEWSTART_CGSL_NS-SA-2021-0076_GNOME-SETTINGS-DAEMON.NASL", "NEWSTART_CGSL_NS-SA-2021-0076_GNUPG2.NASL", "NEWSTART_CGSL_NS-SA-2021-0079_LIBARCHIVE.NASL", "NEWSTART_CGSL_NS-SA-2021-0081_PYTHON-PIP.NASL", "NEWSTART_CGSL_NS-SA-2021-0082_LINUX-FIRMWARE.NASL", "NEWSTART_CGSL_NS-SA-2021-0082_TCPDUMP.NASL", "NEWSTART_CGSL_NS-SA-2021-0083_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2021-0086_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0087_CRYPTSETUP.NASL", "NEWSTART_CGSL_NS-SA-2021-0088_LIBXSLT.NASL", "NEWSTART_CGSL_NS-SA-2021-0089_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0090_BINUTILS.NASL", "NEWSTART_CGSL_NS-SA-2021-0091_DNSMASQ.NASL", "NEWSTART_CGSL_NS-SA-2021-0095_GLIBC.NASL", "NEWSTART_CGSL_NS-SA-2021-0098_DNSMASQ.NASL", "NEWSTART_CGSL_NS-SA-2021-0099_LINUX-FIRMWARE.NASL", "NEWSTART_CGSL_NS-SA-2021-0101_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0104_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0120_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0121_NSS.NASL", "NEWSTART_CGSL_NS-SA-2021-0122_BINUTILS.NASL", "NEWSTART_CGSL_NS-SA-2021-0125_DNSMASQ.NASL", "NEWSTART_CGSL_NS-SA-2021-0126_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2021-0144_FREETYPE.NASL", "NEWSTART_CGSL_NS-SA-2021-0147_PYTHON3.NASL", "NEWSTART_CGSL_NS-SA-2021-0148_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0152_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2021-0153_BIND.NASL", "NEWSTART_CGSL_NS-SA-2021-0156_NSS.NASL", "NEWSTART_CGSL_NS-SA-2021-0158_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0166_WEBKITGTK4.NASL", "NEWSTART_CGSL_NS-SA-2021-0175_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2021-0175_LIBXSLT.NASL", "NEWSTART_CGSL_NS-SA-2021-0178_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0180_GLIBC.NASL", "NEWSTART_CGSL_NS-SA-2021-0183_DNSMASQ.NASL", "NEWSTART_CGSL_NS-SA-2021-0185_LINUX-FIRMWARE.NASL", "NEWSTART_CGSL_NS-SA-2022-0002_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0010_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2022-0026_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0028_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2022-0044_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2022-0056_DOCKER-CE.NASL", "NEWSTART_CGSL_NS-SA-2022-0073_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0074_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0075_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2022-0085_LIBPCAP.NASL", "NEWSTART_CGSL_NS-SA-2022-0089_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2023-0136_PYTHON-LXML.NASL", "NEWSTART_CGSL_NS-SA-2023-0137_PYTHON-JINJA2.NASL", "NEWSTART_CGSL_NS-SA-2023-0139_PYYAML.NASL", "NNM_5_13_1.NASL", "NNM_6_2_2.NASL", "NODEJS_2021_JAN.NASL", "NUTANIX_NXSA-AHV-20201105_1021.NASL", "NUTANIX_NXSA-AHV-20201105_1045.NASL", "NUTANIX_NXSA-AHV-20201105_1082.NASL", "NUTANIX_NXSA-AOS-5_15_5.NASL", "NUTANIX_NXSA-AOS-5_15_5_5.NASL", "NUTANIX_NXSA-AOS-5_15_6.NASL", "NUTANIX_NXSA-AOS-5_15_7.NASL", "NUTANIX_NXSA-AOS-5_19_0_5.NASL", "NUTANIX_NXSA-AOS-5_19_1.NASL", "NUTANIX_NXSA-AOS-5_19_1_5.NASL", "NUTANIX_NXSA-AOS-5_19_2.NASL", "NUTANIX_NXSA-AOS-5_20.NASL", "NUTANIX_NXSA-AOS-6_0.NASL", "NUTANIX_NXSA-AOS-6_1.NASL", "OPENSSL_1_0_2X.NASL", "OPENSSL_1_1_1I.NASL", "OPENSUSE-2019-1428.NASL", "OPENSUSE-2019-1430.NASL", "OPENSUSE-2019-1433.NASL", "OPENSUSE-2019-1527.NASL", "OPENSUSE-2019-1777.NASL", "OPENSUSE-2019-1824.NASL", "OPENSUSE-2019-1917.NASL", "OPENSUSE-2019-2161.NASL", "OPENSUSE-2019-2204.NASL", "OPENSUSE-2019-2205.NASL", "OPENSUSE-2019-2298.NASL", "OPENSUSE-2019-2300.NASL", "OPENSUSE-2019-2343.NASL", "OPENSUSE-2019-2344.NASL", "OPENSUSE-2019-2345.NASL", "OPENSUSE-2019-2348.NASL", "OPENSUSE-2019-2389.NASL", "OPENSUSE-2019-2393.NASL", "OPENSUSE-2019-2420.NASL", "OPENSUSE-2019-2438.NASL", "OPENSUSE-2019-2451.NASL", "OPENSUSE-2019-2452.NASL", "OPENSUSE-2019-2453.NASL", "OPENSUSE-2019-2459.NASL", "OPENSUSE-2019-2464.NASL", "OPENSUSE-2019-2587.NASL", "OPENSUSE-2019-2591.NASL", "OPENSUSE-2019-2689.NASL", "OPENSUSE-2020-1002.NASL", "OPENSUSE-2020-102.NASL", "OPENSUSE-2020-1064.NASL", "OPENSUSE-2020-1087.NASL", "OPENSUSE-2020-1088.NASL", "OPENSUSE-2020-1095.NASL", "OPENSUSE-2020-1128.NASL", "OPENSUSE-2020-1178.NASL", "OPENSUSE-2020-1194.NASL", "OPENSUSE-2020-1254.NASL", "OPENSUSE-2020-1256.NASL", "OPENSUSE-2020-1257.NASL", "OPENSUSE-2020-1258.NASL", "OPENSUSE-2020-1265.NASL", "OPENSUSE-2020-1275.NASL", "OPENSUSE-2020-1405.NASL", "OPENSUSE-2020-1407.NASL", "OPENSUSE-2020-1598.NASL", "OPENSUSE-2020-1613.NASL", "OPENSUSE-2020-1699.NASL", "OPENSUSE-2020-1701.NASL", "OPENSUSE-2020-1718.NASL", "OPENSUSE-2020-1724.NASL", "OPENSUSE-2020-1734.NASL", "OPENSUSE-2020-1737.NASL", "OPENSUSE-2020-1743.NASL", "OPENSUSE-2020-1744.NASL", "OPENSUSE-2020-1790.NASL", "OPENSUSE-2020-1804.NASL", "OPENSUSE-2020-189.NASL", "OPENSUSE-2020-1901.NASL", "OPENSUSE-2020-1906.NASL", "OPENSUSE-2020-1952.NASL", "OPENSUSE-2020-1960.NASL", "OPENSUSE-2020-1962.NASL", "OPENSUSE-2020-2020.NASL", "OPENSUSE-2020-2031.NASL", "OPENSUSE-2020-2034.NASL", "OPENSUSE-2020-2047.NASL", "OPENSUSE-2020-2067.NASL", "OPENSUSE-2020-2096.NASL", "OPENSUSE-2020-2112.NASL", "OPENSUSE-2020-2139.NASL", "OPENSUSE-2020-2143.NASL", "OPENSUSE-2020-2152.NASL", "OPENSUSE-2020-2161.NASL", "OPENSUSE-2020-2169.NASL", "OPENSUSE-2020-2184.NASL", "OPENSUSE-2020-2185.NASL", "OPENSUSE-2020-2187.NASL", "OPENSUSE-2020-2189.NASL", "OPENSUSE-2020-2190.NASL", "OPENSUSE-2020-22.NASL", "OPENSUSE-2020-2211.NASL", "OPENSUSE-2020-2223.NASL", "OPENSUSE-2020-2236.NASL", "OPENSUSE-2020-2245.NASL", "OPENSUSE-2020-2260.NASL", "OPENSUSE-2020-2269.NASL", "OPENSUSE-2020-2315.NASL", "OPENSUSE-2020-2332.NASL", "OPENSUSE-2020-2333.NASL", "OPENSUSE-2020-274.NASL", "OPENSUSE-2020-278.NASL", "OPENSUSE-2020-314.NASL", "OPENSUSE-2020-381.NASL", "OPENSUSE-2020-467.NASL", "OPENSUSE-2020-510.NASL", "OPENSUSE-2020-602.NASL", "OPENSUSE-2020-622.NASL", "OPENSUSE-2020-646.NASL", "OPENSUSE-2020-681.NASL", "OPENSUSE-2020-731.NASL", "OPENSUSE-2020-781.NASL", "OPENSUSE-2020-794.NASL", "OPENSUSE-2020-86.NASL", "OPENSUSE-2020-931.NASL", "OPENSUSE-2020-940.NASL", "OPENSUSE-2020-989.NASL", "OPENSUSE-2021-1058.NASL", "OPENSUSE-2021-1130.NASL", "OPENSUSE-2021-1134.NASL", "OPENSUSE-2021-124.NASL", "OPENSUSE-2021-129.NASL", "OPENSUSE-2021-1441.NASL", "OPENSUSE-2021-169.NASL", "OPENSUSE-2021-170.NASL", "OPENSUSE-2021-2320.NASL", "OPENSUSE-2021-242.NASL", "OPENSUSE-2021-2575.NASL", "OPENSUSE-2021-2637.NASL", "OPENSUSE-2021-270.NASL", "OPENSUSE-2021-2795.NASL", "OPENSUSE-2021-331.NASL", "OPENSUSE-2021-3529.NASL", "OPENSUSE-2021-60.NASL", "OPENSUSE-2021-602.NASL", "OPENSUSE-2021-64.NASL", "OPENSUSE-2021-65.NASL", "OPENSUSE-2021-75.NASL", "OPENSUSE-2021-82.NASL", "OPENSUSE-2022-0182-1.NASL", "OPENSUSE-2022-0770-1.NASL", "ORACLELINUX_ELSA-2019-3193.NASL", "ORACLELINUX_ELSA-2019-3196.NASL", "ORACLELINUX_ELSA-2019-3210.NASL", "ORACLELINUX_ELSA-2019-3237.NASL", "ORACLELINUX_ELSA-2020-3662.NASL", "ORACLELINUX_ELSA-2020-3665.NASL", "ORACLELINUX_ELSA-2020-3888.NASL", "ORACLELINUX_ELSA-2020-3911.NASL", "ORACLELINUX_ELSA-2020-3952.NASL", "ORACLELINUX_ELSA-2020-3996.NASL", "ORACLELINUX_ELSA-2020-4005.NASL", "ORACLELINUX_ELSA-2020-4035.NASL", "ORACLELINUX_ELSA-2020-4076.NASL", "ORACLELINUX_ELSA-2020-4183.NASL", "ORACLELINUX_ELSA-2020-4432.NASL", "ORACLELINUX_ELSA-2020-4433.NASL", "ORACLELINUX_ELSA-2020-4442.NASL", "ORACLELINUX_ELSA-2020-4443.NASL", "ORACLELINUX_ELSA-2020-4444.NASL", "ORACLELINUX_ELSA-2020-4451.NASL", "ORACLELINUX_ELSA-2020-4453.NASL", "ORACLELINUX_ELSA-2020-4464.NASL", "ORACLELINUX_ELSA-2020-4465.NASL", "ORACLELINUX_ELSA-2020-4479.NASL", "ORACLELINUX_ELSA-2020-4482.NASL", "ORACLELINUX_ELSA-2020-4484.NASL", "ORACLELINUX_ELSA-2020-4490.NASL", "ORACLELINUX_ELSA-2020-4497.NASL", "ORACLELINUX_ELSA-2020-4500.NASL", "ORACLELINUX_ELSA-2020-4508.NASL", "ORACLELINUX_ELSA-2020-4539.NASL", "ORACLELINUX_ELSA-2020-4542.NASL", "ORACLELINUX_ELSA-2020-4545.NASL", "ORACLELINUX_ELSA-2020-4547.NASL", "ORACLELINUX_ELSA-2020-4641.NASL", "ORACLELINUX_ELSA-2020-4654.NASL", "ORACLELINUX_ELSA-2020-4694.NASL", "ORACLELINUX_ELSA-2020-4760.NASL", "ORACLELINUX_ELSA-2020-4805.NASL", "ORACLELINUX_ELSA-2020-4907.NASL", "ORACLELINUX_ELSA-2020-4952.NASL", "ORACLELINUX_ELSA-2020-5009.NASL", "ORACLELINUX_ELSA-2020-5010.NASL", "ORACLELINUX_ELSA-2020-5011.NASL", "ORACLELINUX_ELSA-2020-5476.NASL", "ORACLELINUX_ELSA-2020-5483.NASL", "ORACLELINUX_ELSA-2020-5493.NASL", "ORACLELINUX_ELSA-2020-55661.NASL", "ORACLELINUX_ELSA-2020-5662.NASL", "ORACLELINUX_ELSA-2020-5823.NASL", "ORACLELINUX_ELSA-2020-5825.NASL", "ORACLELINUX_ELSA-2020-5827.NASL", "ORACLELINUX_ELSA-2020-5828.NASL", "ORACLELINUX_ELSA-2021-0150.NASL", "ORACLELINUX_ELSA-2021-0153.NASL", "ORACLELINUX_ELSA-2021-0218.NASL", "ORACLELINUX_ELSA-2021-0221.NASL", "ORACLELINUX_ELSA-2021-0348.NASL", "ORACLELINUX_ELSA-2021-0538.NASL", "ORACLELINUX_ELSA-2021-0558.NASL", "ORACLELINUX_ELSA-2021-0856.NASL", "ORACLELINUX_ELSA-2021-1796.NASL", "ORACLELINUX_ELSA-2021-4373.NASL", "ORACLELINUX_ELSA-2021-9002.NASL", "ORACLELINUX_ELSA-2021-9006.NASL", "ORACLELINUX_ELSA-2021-9007.NASL", "ORACLELINUX_ELSA-2021-9019.NASL", "ORACLELINUX_ELSA-2021-9121.NASL", "ORACLELINUX_ELSA-2021-9137.NASL", "ORACLELINUX_ELSA-2021-9150.NASL", "ORACLELINUX_ELSA-2021-9169.NASL", "ORACLELINUX_ELSA-2021-9212.NASL", "ORACLELINUX_ELSA-2022-5234.NASL", "ORACLELINUX_ELSA-2022-9204.NASL", "ORACLELINUX_ELSA-2023-12971.NASL", "ORACLELINUX_ELSA-2023-12972.NASL", "ORACLEVM_OVMSA-2020-0045.NASL", "ORACLEVM_OVMSA-2021-0001.NASL", "ORACLEVM_OVMSA-2021-0003.NASL", "ORACLEVM_OVMSA-2021-0011.NASL", "ORACLEVM_OVMSA-2021-0012.NASL", "ORACLE_ACCESS_MANAGER_CPU_APR_2023.NASL", "ORACLE_BI_PUBLISHER_APR_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_CPU_JUL_2021.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2021_CPU.NASL", "ORACLE_HTTP_SERVER_CPU_OCT_2021.NASL", "ORACLE_JAVA_CPU_APR_2020.NASL", "ORACLE_JAVA_CPU_APR_2020_UNIX.NASL", "ORACLE_JAVA_CPU_JAN_2020.NASL", "ORACLE_JAVA_CPU_JAN_2020_UNIX.NASL", "ORACLE_JAVA_CPU_OCT_2019.NASL", "ORACLE_JAVA_CPU_OCT_2019_UNIX.NASL", "ORACLE_MYSQL_WORKBENCH_8_0_23.NASL", "PHOTONOS_PHSA-2019-1_0-0224_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-1_0-0246_GNUPG.NASL", "PHOTONOS_PHSA-2019-1_0-0247_EXPAT.NASL", "PHOTONOS_PHSA-2019-1_0-0257_BINUTILS.NASL", "PHOTONOS_PHSA-2019-1_0-0257_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-2_0-0152_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-2_0-0171_EXPAT.NASL", "PHOTONOS_PHSA-2019-2_0-0171_GNUPG.NASL", "PHOTONOS_PHSA-2019-2_0-0182_PYTHON2.NASL", "PHOTONOS_PHSA-2019-2_0-0182_PYTHON3.NASL", "PHOTONOS_PHSA-2019-2_0-0182_TCPDUMP.NASL", "PHOTONOS_PHSA-2019-2_0-0184_SQLITE.NASL", "PHOTONOS_PHSA-2019-2_0-0187_LIBPCAP.NASL", "PHOTONOS_PHSA-2019-2_0-0189_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-2_0-0190_BINUTILS.NASL", "PHOTONOS_PHSA-2019-3_0-0024_GNUPG.NASL", "PHOTONOS_PHSA-2019-3_0-0026_EXPAT.NASL", "PHOTONOS_PHSA-2019-3_0-0030_SQLITE.NASL", "PHOTONOS_PHSA-2019-3_0-0034_LIBPCAP.NASL", "PHOTONOS_PHSA-2019-3_0-0034_TCPDUMP.NASL", "PHOTONOS_PHSA-2019-3_0-0035_PYTHON2.NASL", "PHOTONOS_PHSA-2020-1_0-0264_SQLITE.NASL", "PHOTONOS_PHSA-2020-1_0-0271_LIBXML2.NASL", "PHOTONOS_PHSA-2020-1_0-0283_CYRUS.NASL", "PHOTONOS_PHSA-2020-1_0-0288_PYTHON2.NASL", "PHOTONOS_PHSA-2020-1_0-0289_SQLITE.NASL", "PHOTONOS_PHSA-2020-1_0-0298_GLIBC.NASL", "PHOTONOS_PHSA-2020-1_0-0298_SQLITE.NASL", "PHOTONOS_PHSA-2020-1_0-0300_GLIBC.NASL", "PHOTONOS_PHSA-2020-1_0-0300_VIM.NASL", "PHOTONOS_PHSA-2020-1_0-0301_EXPAT.NASL", "PHOTONOS_PHSA-2020-1_0-0304_PYTHON3.NASL", "PHOTONOS_PHSA-2020-1_0-0309_BINDUTILS.NASL", "PHOTONOS_PHSA-2020-1_0-0309_PYTHON2.NASL", "PHOTONOS_PHSA-2020-1_0-0309_PYTHON3.NASL", "PHOTONOS_PHSA-2020-1_0-0316_GO.NASL", "PHOTONOS_PHSA-2020-1_0-0320_BINDUTILS.NASL", "PHOTONOS_PHSA-2020-1_0-0330_GNUTLS.NASL", "PHOTONOS_PHSA-2020-1_0-0345_OPENSSL.NASL", "PHOTONOS_PHSA-2020-1_0-0350_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0200_SQLITE.NASL", "PHOTONOS_PHSA-2020-2_0-0203_LIBXML2.NASL", "PHOTONOS_PHSA-2020-2_0-0207_LIBARCHIVE.NASL", "PHOTONOS_PHSA-2020-2_0-0225_LIBXML2.NASL", "PHOTONOS_PHSA-2020-2_0-0226_PYTHON3.NASL", "PHOTONOS_PHSA-2020-2_0-0234_SQLITE.NASL", "PHOTONOS_PHSA-2020-2_0-0242_GLIBC.NASL", "PHOTONOS_PHSA-2020-2_0-0248_GLIBC.NASL", "PHOTONOS_PHSA-2020-2_0-0249_SQLITE.NASL", "PHOTONOS_PHSA-2020-2_0-0251_VIM.NASL", "PHOTONOS_PHSA-2020-2_0-0254_EXPAT.NASL", "PHOTONOS_PHSA-2020-2_0-0258_PYTHON3.NASL", "PHOTONOS_PHSA-2020-2_0-0263_BINDUTILS.NASL", "PHOTONOS_PHSA-2020-2_0-0265_PYTHON2.NASL", "PHOTONOS_PHSA-2020-2_0-0265_PYTHON3.NASL", "PHOTONOS_PHSA-2020-2_0-0276_GO.NASL", "PHOTONOS_PHSA-2020-2_0-0279_BINDUTILS.NASL", "PHOTONOS_PHSA-2020-2_0-0288_GNUTLS.NASL", "PHOTONOS_PHSA-2020-2_0-0304_OPENSSL.NASL", "PHOTONOS_PHSA-2020-3_0-0055_LIBARCHIVE.NASL", "PHOTONOS_PHSA-2020-3_0-0055_LIBXML2.NASL", "PHOTONOS_PHSA-2020-3_0-0057_LIBSOLV.NASL", "PHOTONOS_PHSA-2020-3_0-0077_CYRUS.NASL", "PHOTONOS_PHSA-2020-3_0-0078_PYTHON2.NASL", "PHOTONOS_PHSA-2020-3_0-0078_PYTHON3.NASL", "PHOTONOS_PHSA-2020-3_0-0083_SQLITE.NASL", "PHOTONOS_PHSA-2020-3_0-0101_SQLITE.NASL", "PHOTONOS_PHSA-2020-3_0-0102_VIM.NASL", "PHOTONOS_PHSA-2020-3_0-0111_PYTHON3.NASL", "PHOTONOS_PHSA-2020-3_0-0115_BINDUTILS.NASL", "PHOTONOS_PHSA-2020-3_0-0118_PYTHON2.NASL", "PHOTONOS_PHSA-2020-3_0-0118_PYTHON3.NASL", "PHOTONOS_PHSA-2020-3_0-0130_GO.NASL", "PHOTONOS_PHSA-2020-3_0-0135_BINDUTILS.NASL", "PHOTONOS_PHSA-2020-3_0-0146_GNUTLS.NASL", "PHOTONOS_PHSA-2020-3_0-0175_NXTGN.NASL", "PHOTONOS_PHSA-2020-3_0-0175_OPENSSL.NASL", "PHOTONOS_PHSA-2021-1_0-0356_DNSMASQ.NASL", "PHOTONOS_PHSA-2021-1_0-0358_SUDO.NASL", "PHOTONOS_PHSA-2021-1_0-0404_NSS.NASL", "PHOTONOS_PHSA-2021-2_0-0308_LINUX.NASL", "PHOTONOS_PHSA-2021-2_0-0312_DNSMASQ.NASL", "PHOTONOS_PHSA-2021-2_0-0315_SUDO.NASL", "PHOTONOS_PHSA-2021-2_0-0358_NSS.NASL", "PHOTONOS_PHSA-2021-3_0-0182_LINUX.NASL", "PHOTONOS_PHSA-2021-3_0-0186_DNSMASQ.NASL", "PHOTONOS_PHSA-2021-3_0-0188_SUDO.NASL", "PHOTONOS_PHSA-2021-3_0-0254_NSS.NASL", "PHOTONOS_PHSA-2021-3_0-0303_CONSUL.NASL", "PHOTONOS_PHSA-2021-4_0-0007_MYSQL.NASL", "PHOTONOS_PHSA-2021-4_0-0105_CONSUL.NASL", "PUPPET_AGENT_CVE-2020-1971.NASL", "REDHAT-RHSA-2019-3193.NASL", "REDHAT-RHSA-2019-3196.NASL", "REDHAT-RHSA-2019-3210.NASL", "REDHAT-RHSA-2019-3237.NASL", "REDHAT-RHSA-2019-3756.NASL", "REDHAT-RHSA-2020-0514.NASL", "REDHAT-RHSA-2020-1605.NASL", "REDHAT-RHSA-2020-2413.NASL", "REDHAT-RHSA-2020-2644.NASL", "REDHAT-RHSA-2020-3369.NASL", "REDHAT-RHSA-2020-3662.NASL", "REDHAT-RHSA-2020-3665.NASL", "REDHAT-RHSA-2020-3888.NASL", "REDHAT-RHSA-2020-3911.NASL", "REDHAT-RHSA-2020-3952.NASL", "REDHAT-RHSA-2020-3996.NASL", "REDHAT-RHSA-2020-4005.NASL", "REDHAT-RHSA-2020-4035.NASL", "REDHAT-RHSA-2020-4076.NASL", "REDHAT-RHSA-2020-4183.NASL", "REDHAT-RHSA-2020-4214.NASL", "REDHAT-RHSA-2020-4273.NASL", "REDHAT-RHSA-2020-4285.NASL", "REDHAT-RHSA-2020-4297.NASL", "REDHAT-RHSA-2020-4299.NASL", "REDHAT-RHSA-2020-4351.NASL", "REDHAT-RHSA-2020-4432.NASL", "REDHAT-RHSA-2020-4433.NASL", "REDHAT-RHSA-2020-4442.NASL", "REDHAT-RHSA-2020-4443.NASL", "REDHAT-RHSA-2020-4444.NASL", "REDHAT-RHSA-2020-4451.NASL", "REDHAT-RHSA-2020-4453.NASL", "REDHAT-RHSA-2020-4464.NASL", "REDHAT-RHSA-2020-4465.NASL", "REDHAT-RHSA-2020-4479.NASL", "REDHAT-RHSA-2020-4482.NASL", "REDHAT-RHSA-2020-4484.NASL", "REDHAT-RHSA-2020-4490.NASL", "REDHAT-RHSA-2020-4497.NASL", "REDHAT-RHSA-2020-4500.NASL", "REDHAT-RHSA-2020-4508.NASL", "REDHAT-RHSA-2020-4539.NASL", "REDHAT-RHSA-2020-4542.NASL", "REDHAT-RHSA-2020-4545.NASL", "REDHAT-RHSA-2020-4547.NASL", "REDHAT-RHSA-2020-4641.NASL", "REDHAT-RHSA-2020-4654.NASL", "REDHAT-RHSA-2020-4694.NASL", "REDHAT-RHSA-2020-4760.NASL", "REDHAT-RHSA-2020-4805.NASL", "REDHAT-RHSA-2020-4846.NASL", "REDHAT-RHSA-2020-4900.NASL", "REDHAT-RHSA-2020-4907.NASL", "REDHAT-RHSA-2020-4949.NASL", "REDHAT-RHSA-2020-4950.NASL", "REDHAT-RHSA-2020-4951.NASL", "REDHAT-RHSA-2020-4952.NASL", "REDHAT-RHSA-2020-4992.NASL", "REDHAT-RHSA-2020-5009.NASL", "REDHAT-RHSA-2020-5010.NASL", "REDHAT-RHSA-2020-5011.NASL", "REDHAT-RHSA-2020-5054.NASL", "REDHAT-RHSA-2020-5055.NASL", "REDHAT-RHSA-2020-5056.NASL", "REDHAT-RHSA-2020-5119.NASL", "REDHAT-RHSA-2020-5159.NASL", "REDHAT-RHSA-2020-5203.NASL", "REDHAT-RHSA-2020-5218.NASL", "REDHAT-RHSA-2020-5333.NASL", "REDHAT-RHSA-2020-5416.NASL", "REDHAT-RHSA-2020-5422.NASL", "REDHAT-RHSA-2020-5476.NASL", "REDHAT-RHSA-2020-5479.NASL", "REDHAT-RHSA-2020-5483.NASL", "REDHAT-RHSA-2020-5493.NASL", "REDHAT-RHSA-2020-5566.NASL", "REDHAT-RHSA-2020-5588.NASL", "REDHAT-RHSA-2020-5623.NASL", "REDHAT-RHSA-2020-5634.NASL", "REDHAT-RHSA-2020-5637.NASL", "REDHAT-RHSA-2020-5639.NASL", "REDHAT-RHSA-2020-5640.NASL", "REDHAT-RHSA-2020-5641.NASL", "REDHAT-RHSA-2020-5642.NASL", "REDHAT-RHSA-2020-5649.NASL", "REDHAT-RHSA-2021-0038.NASL", "REDHAT-RHSA-2021-0056.NASL", "REDHAT-RHSA-2021-0150.NASL", "REDHAT-RHSA-2021-0151.NASL", "REDHAT-RHSA-2021-0152.NASL", "REDHAT-RHSA-2021-0153.NASL", "REDHAT-RHSA-2021-0154.NASL", "REDHAT-RHSA-2021-0155.NASL", "REDHAT-RHSA-2021-0156.NASL", "REDHAT-RHSA-2021-0172.NASL", "REDHAT-RHSA-2021-0183.NASL", "REDHAT-RHSA-2021-0218.NASL", "REDHAT-RHSA-2021-0219.NASL", "REDHAT-RHSA-2021-0220.NASL", "REDHAT-RHSA-2021-0221.NASL", "REDHAT-RHSA-2021-0222.NASL", "REDHAT-RHSA-2021-0223.NASL", "REDHAT-RHSA-2021-0224.NASL", "REDHAT-RHSA-2021-0225.NASL", "REDHAT-RHSA-2021-0226.NASL", "REDHAT-RHSA-2021-0227.NASL", "REDHAT-RHSA-2021-0240.NASL", "REDHAT-RHSA-2021-0245.NASL", "REDHAT-RHSA-2021-0258.NASL", "REDHAT-RHSA-2021-0266.NASL", "REDHAT-RHSA-2021-0339.NASL", "REDHAT-RHSA-2021-0348.NASL", "REDHAT-RHSA-2021-0354.NASL", "REDHAT-RHSA-2021-0395.NASL", "REDHAT-RHSA-2021-0401.NASL", "REDHAT-RHSA-2021-0486.NASL", "REDHAT-RHSA-2021-0489.NASL", "REDHAT-RHSA-2021-0494.NASL", "REDHAT-RHSA-2021-0528.NASL", "REDHAT-RHSA-2021-0537.NASL", "REDHAT-RHSA-2021-0538.NASL", "REDHAT-RHSA-2021-0558.NASL", "REDHAT-RHSA-2021-0686.NASL", "REDHAT-RHSA-2021-0689.NASL", "REDHAT-RHSA-2021-0713.NASL", "REDHAT-RHSA-2021-0758.NASL", "REDHAT-RHSA-2021-0761.NASL", "REDHAT-RHSA-2021-0763.NASL", "REDHAT-RHSA-2021-0765.NASL", "REDHAT-RHSA-2021-0774.NASL", "REDHAT-RHSA-2021-0833.NASL", "REDHAT-RHSA-2021-0848.NASL", "REDHAT-RHSA-2021-0856.NASL", "REDHAT-RHSA-2021-0857.NASL", "REDHAT-RHSA-2021-0862.NASL", "REDHAT-RHSA-2021-0876.NASL", "REDHAT-RHSA-2021-0878.NASL", "REDHAT-RHSA-2021-0881.NASL", "REDHAT-RHSA-2021-0940.NASL", "REDHAT-RHSA-2021-0956.NASL", "REDHAT-RHSA-2021-1006.NASL", "REDHAT-RHSA-2021-1016.NASL", "REDHAT-RHSA-2021-1026.NASL", "REDHAT-RHSA-2021-1028.NASL", "REDHAT-RHSA-2021-1031.NASL", "REDHAT-RHSA-2021-1267.NASL", "REDHAT-RHSA-2021-1288.NASL", "REDHAT-RHSA-2021-1366.NASL", "REDHAT-RHSA-2021-1531.NASL", "REDHAT-RHSA-2021-1551.NASL", "REDHAT-RHSA-2021-1796.NASL", "REDHAT-RHSA-2021-1968.NASL", "REDHAT-RHSA-2021-2122.NASL", "REDHAT-RHSA-2021-2164.NASL", "REDHAT-RHSA-2021-2191.NASL", "REDHAT-RHSA-2021-2355.NASL", "REDHAT-RHSA-2021-2437.NASL", "REDHAT-RHSA-2021-2998.NASL", "REDHAT-RHSA-2021-3315.NASL", "REDHAT-RHSA-2022-1276.NASL", "REDHAT-RHSA-2022-5234.NASL", "REDHAT-RHSA-2022-7887.NASL", "ROCKY_LINUX_RLSA-2020-1605.NASL", "ROCKY_LINUX_RLSA-2020-3662.NASL", "ROCKY_LINUX_RLSA-2020-4451.NASL", "ROCKY_LINUX_RLSA-2020-4453.NASL", "ROCKY_LINUX_RLSA-2020-4482.NASL", "ROCKY_LINUX_RLSA-2020-4484.NASL", "ROCKY_LINUX_RLSA-2020-4490.NASL", "ROCKY_LINUX_RLSA-2020-4497.NASL", "ROCKY_LINUX_RLSA-2020-4539.NASL", "ROCKY_LINUX_RLSA-2020-4545.NASL", "ROCKY_LINUX_RLSA-2020-4641.NASL", "ROCKY_LINUX_RLSA-2020-4654.NASL", "ROCKY_LINUX_RLSA-2020-4694.NASL", "ROCKY_LINUX_RLSA-2020-4760.NASL", "ROCKY_LINUX_RLSA-2020-4952.NASL", "ROCKY_LINUX_RLSA-2021-0538.NASL", "ROCKY_LINUX_RLSA-2021-1796.NASL", "ROCKY_LINUX_RLSA-2021-4373.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SECURITYCENTER_5_19_0_TNS_2021_08.NASL", "SECURITYCENTER_5_19_0_TNS_2021_14.NASL", "SLACKWARE_SSA_2019-259-01.NASL", "SLACKWARE_SSA_2019-274-01.NASL", "SLACKWARE_SSA_2019-293-01.NASL", "SLACKWARE_SSA_2019-295-01.NASL", "SLACKWARE_SSA_2020-170-01.NASL", "SLACKWARE_SSA_2020-234-01.NASL", "SLACKWARE_SSA_2020-294-01.NASL", "SLACKWARE_SSA_2021-026-01.NASL", "SLACKWARE_SSA_2021-040-01.NASL", "SLACKWARE_SSA_2022-055-01.NASL", "SL_20191029_THUNDERBIRD_ON_SL7_X.NASL", "SL_20191106_THUNDERBIRD_ON_SL6_X.NASL", "SL_20201001_EXPAT_ON_SL7_X.NASL", "SL_20201001_LIBXML2_ON_SL7_X.NASL", "SL_20201001_LIBXSLT_ON_SL7_X.NASL", "SL_20201001_NSS_AND_NSPR_ON_SL7_X.NASL", "SL_20201001_PYTHON3_ON_SL7_X.NASL", "SL_20201001_PYTHON_ON_SL7_X.NASL", "SL_20201001_WEBKITGTK4_ON_SL7_X.NASL", "SL_20201012_BIND_ON_SL6_X.NASL", "SL_20201104_FREETYPE_ON_SL7_X.NASL", "SL_20201110_PYTHON3_ON_SL7_X.NASL", "SL_20201110_PYTHON_ON_SL7_X.NASL", "SL_20201217_OPENSSL_ON_SL7_X.NASL", "SL_20210119_DNSMASQ_ON_SL7_X.NASL", "SL_20210126_SUDO_ON_SL7_X.NASL", "SL_20210202_GLIBC_ON_SL7_X.NASL", "SL_20210202_LINUX_FIRMWARE_ON_SL7_X.NASL", "SL_20220628_PYTHON_VIRTUALENV_ON_SL7_X.NASL", "SMB_NT_MS21_NOV_VISUAL_STUDIO.NASL", "SUSE_SU-2019-1221-1.NASL", "SUSE_SU-2019-1221-2.NASL", "SUSE_SU-2019-1232-1.NASL", "SUSE_SU-2019-1381-1.NASL", "SUSE_SU-2019-14191-1.NASL", "SUSE_SU-2019-1834-1.NASL", "SUSE_SU-2019-1835-1.NASL", "SUSE_SU-2019-1973-1.NASL", "SUSE_SU-2019-2006-1.NASL", "SUSE_SU-2019-2349-1.NASL", "SUSE_SU-2019-2429-1.NASL", "SUSE_SU-2019-2440-1.NASL", "SUSE_SU-2019-2480-1.NASL", "SUSE_SU-2019-2510-1.NASL", "SUSE_SU-2019-2533-1.NASL", "SUSE_SU-2019-2536-1.NASL", "SUSE_SU-2019-2669-1.NASL", "SUSE_SU-2019-2673-1.NASL", "SUSE_SU-2019-2674-1.NASL", "SUSE_SU-2019-2743-1.NASL", "SUSE_SU-2019-2748-1.NASL", "SUSE_SU-2019-2748-2.NASL", "SUSE_SU-2019-2802-1.NASL", "SUSE_SU-2019-2871-1.NASL", "SUSE_SU-2019-2872-1.NASL", "SUSE_SU-2019-3044-1.NASL", "SUSE_SU-2019-3267-1.NASL", "SUSE_SU-2019-3293-1.NASL", "SUSE_SU-2019-3307-1.NASL", "SUSE_SU-2019-3308-1.NASL", "SUSE_SU-2019-3392-1.NASL", "SUSE_SU-2020-0114-1.NASL", "SUSE_SU-2020-0129-1.NASL", "SUSE_SU-2020-0130-1.NASL", "SUSE_SU-2020-0131-1.NASL", "SUSE_SU-2020-0139-1.NASL", "SUSE_SU-2020-0234-1.NASL", "SUSE_SU-2020-0302-1.NASL", "SUSE_SU-2020-0467-1.NASL", "SUSE_SU-2020-0468-1.NASL", "SUSE_SU-2020-0495-1.NASL", "SUSE_SU-2020-0510-1.NASL", "SUSE_SU-2020-0557-1.NASL", "SUSE_SU-2020-0568-1.NASL", "SUSE_SU-2020-0668-1.NASL", "SUSE_SU-2020-0699-1.NASL", "SUSE_SU-2020-0832-1.NASL", "SUSE_SU-2020-0854-1.NASL", "SUSE_SU-2020-0920-1.NASL", "SUSE_SU-2020-0920-2.NASL", "SUSE_SU-2020-0967-1.NASL", "SUSE_SU-2020-0968-1.NASL", "SUSE_SU-2020-1065-1.NASL", "SUSE_SU-2020-1109-1.NASL", "SUSE_SU-2020-1125-1.NASL", "SUSE_SU-2020-1135-1.NASL", "SUSE_SU-2020-1198-1.NASL", "SUSE_SU-2020-1211-1.NASL", "SUSE_SU-2020-1299-1.NASL", "SUSE_SU-2020-1409-1.NASL", "SUSE_SU-2020-14306-1.NASL", "SUSE_SU-2020-14385-1.NASL", "SUSE_SU-2020-14548-1.NASL", "SUSE_SU-2020-14560-1.NASL", "SUSE_SU-2020-14579-1.NASL", "SUSE_SU-2020-1524-1.NASL", "SUSE_SU-2020-1532-1.NASL", "SUSE_SU-2020-1532-2.NASL", "SUSE_SU-2020-1550-1.NASL", "SUSE_SU-2020-1551-1.NASL", "SUSE_SU-2020-1990-1.NASL", "SUSE_SU-2020-1992-1.NASL", "SUSE_SU-2020-2069-1.NASL", "SUSE_SU-2020-2198-1.NASL", "SUSE_SU-2020-2199-1.NASL", "SUSE_SU-2020-2216-1.NASL", "SUSE_SU-2020-2232-1.NASL", "SUSE_SU-2020-2275-1.NASL", "SUSE_SU-2020-2276-1.NASL", "SUSE_SU-2020-2277-1.NASL", "SUSE_SU-2020-2562-1.NASL", "SUSE_SU-2020-2609-1.NASL", "SUSE_SU-2020-2699-1.NASL", "SUSE_SU-2020-2864-1.NASL", "SUSE_SU-2020-2864-2.NASL", "SUSE_SU-2020-2914-1.NASL", "SUSE_SU-2020-2988-1.NASL", "SUSE_SU-2020-2995-1.NASL", "SUSE_SU-2020-2998-1.NASL", "SUSE_SU-2020-3024-1.NASL", "SUSE_SU-2020-3060-1.NASL", "SUSE_SU-2020-3122-1.NASL", "SUSE_SU-2020-3126-1.NASL", "SUSE_SU-2020-3272-1.NASL", "SUSE_SU-2020-3281-1.NASL", "SUSE_SU-2020-3326-1.NASL", "SUSE_SU-2020-3360-1.NASL", "SUSE_SU-2020-3368-1.NASL", "SUSE_SU-2020-3369-1.NASL", "SUSE_SU-2020-3383-1.NASL", "SUSE_SU-2020-3458-1.NASL", "SUSE_SU-2020-3501-1.NASL", "SUSE_SU-2020-3503-1.NASL", "SUSE_SU-2020-3507-1.NASL", "SUSE_SU-2020-3513-1.NASL", "SUSE_SU-2020-3522-1.NASL", "SUSE_SU-2020-3532-1.NASL", "SUSE_SU-2020-3544-1.NASL", "SUSE_SU-2020-3548-1.NASL", "SUSE_SU-2020-3552-1.NASL", "SUSE_SU-2020-3563-1.NASL", "SUSE_SU-2020-3593-1.NASL", "SUSE_SU-2020-3596-1.NASL", "SUSE_SU-2020-3597-1.NASL", "SUSE_SU-2020-3651-1.NASL", "SUSE_SU-2020-3717-1.NASL", "SUSE_SU-2020-3720-1.NASL", "SUSE_SU-2020-3721-1.NASL", "SUSE_SU-2020-3722-1.NASL", "SUSE_SU-2020-3732-1.NASL", "SUSE_SU-2020-3740-1.NASL", "SUSE_SU-2020-3748-1.NASL", "SUSE_SU-2020-3762-1.NASL", "SUSE_SU-2020-3763-1.NASL", "SUSE_SU-2020-3764-1.NASL", "SUSE_SU-2020-3765-1.NASL", "SUSE_SU-2020-3865-1.NASL", "SUSE_SU-2020-3930-1.NASL", "SUSE_SU-2020-3939-1.NASL", "SUSE_SU-2021-0060-1.NASL", "SUSE_SU-2021-0062-1.NASL", "SUSE_SU-2021-0068-1.NASL", "SUSE_SU-2021-0082-1.NASL", "SUSE_SU-2021-0095-1.NASL", "SUSE_SU-2021-0098-1.NASL", "SUSE_SU-2021-0108-1.NASL", "SUSE_SU-2021-0117-1.NASL", "SUSE_SU-2021-0118-1.NASL", "SUSE_SU-2021-0133-1.NASL", "SUSE_SU-2021-0162-1.NASL", "SUSE_SU-2021-0163-1.NASL", "SUSE_SU-2021-0166-1.NASL", "SUSE_SU-2021-0225-1.NASL", "SUSE_SU-2021-0226-1.NASL", "SUSE_SU-2021-0227-1.NASL", "SUSE_SU-2021-0232-1.NASL", "SUSE_SU-2021-0344-1.NASL", "SUSE_SU-2021-0355-1.NASL", "SUSE_SU-2021-0408-1.NASL", "SUSE_SU-2021-0428-1.NASL", "SUSE_SU-2021-0432-1.NASL", "SUSE_SU-2021-0434-1.NASL", "SUSE_SU-2021-0437-1.NASL", "SUSE_SU-2021-0438-1.NASL", "SUSE_SU-2021-0452-1.NASL", "SUSE_SU-2021-0529-1.NASL", "SUSE_SU-2021-0928-1.NASL", "SUSE_SU-2021-1267-1.NASL", "SUSE_SU-2021-1273-1.NASL", "SUSE_SU-2021-1274-1.NASL", "SUSE_SU-2021-1275-1.NASL", "SUSE_SU-2021-14603-1.NASL", "SUSE_SU-2021-14630-1.NASL", "SUSE_SU-2021-14729-1.NASL", "SUSE_SU-2021-14771-1.NASL", "SUSE_SU-2021-2145-1.NASL", "SUSE_SU-2021-2180-1.NASL", "SUSE_SU-2021-2320-1.NASL", "SUSE_SU-2021-2876-1.NASL", "SUSE_SU-2021-3215-1.NASL", "SUSE_SU-2021-3529-1.NASL", "SUSE_SU-2021-3593-1.NASL", "SUSE_SU-2021-3652-1.NASL", "SUSE_SU-2021-3722-1.NASL", "SUSE_SU-2022-0142-1.NASL", "SUSE_SU-2022-0182-1.NASL", "SUSE_SU-2022-0182-2.NASL", "SUSE_SU-2022-0183-1.NASL", "SUSE_SU-2022-0770-1.NASL", "SUSE_SU-2022-1123-1.NASL", "SUSE_SU-2022-1454-1.NASL", "SUSE_SU-2022-2649-1.NASL", "SUSE_SU-2022-3480-1.NASL", "SUSE_SU-2022-3549-1.NASL", "SUSE_SU-2022-3655-1.NASL", "SUSE_SU-2022-3766-1.NASL", "SUSE_SU-2022-4150-1.NASL", "SUSE_SU-2022-4151-1.NASL", "SUSE_SU-2022-4281-1.NASL", "SUSE_SU-2022-4592-1.NASL", "SUSE_SU-2022-4593-1.NASL", "SUSE_SU-2023-0187-1.NASL", "SUSE_SU-2023-0326-1.NASL", "SUSE_SU-2023-0516-2.NASL", "TENABLE_NESSUS_AGENT_TNS_2021_08.NASL", "UBUNTU_USN-3947-1.NASL", "UBUNTU_USN-4040-1.NASL", "UBUNTU_USN-4132-1.NASL", "UBUNTU_USN-4151-1.NASL", "UBUNTU_USN-4164-1.NASL", "UBUNTU_USN-4165-1.NASL", "UBUNTU_USN-4178-1.NASL", "UBUNTU_USN-4181-1.NASL", "UBUNTU_USN-4202-1.NASL", "UBUNTU_USN-4202-2.NASL", "UBUNTU_USN-4205-1.NASL", "UBUNTU_USN-4219-1.NASL", "UBUNTU_USN-4221-1.NASL", "UBUNTU_USN-4236-1.NASL", "UBUNTU_USN-4236-2.NASL", "UBUNTU_USN-4252-1.NASL", "UBUNTU_USN-4256-1.NASL", "UBUNTU_USN-4261-1.NASL", "UBUNTU_USN-4274-1.NASL", "UBUNTU_USN-4281-1.NASL", "UBUNTU_USN-4293-1.NASL", "UBUNTU_USN-4298-1.NASL", "UBUNTU_USN-4310-1.NASL", "UBUNTU_USN-4327-1.NASL", "UBUNTU_USN-4331-1.NASL", "UBUNTU_USN-4333-1.NASL", "UBUNTU_USN-4333-2.NASL", "UBUNTU_USN-4335-1.NASL", "UBUNTU_USN-4336-1.NASL", "UBUNTU_USN-4336-2.NASL", "UBUNTU_USN-4347-1.NASL", "UBUNTU_USN-4349-1.NASL", "UBUNTU_USN-4394-1.NASL", "UBUNTU_USN-4399-1.NASL", "UBUNTU_USN-4416-1.NASL", "UBUNTU_USN-4422-1.NASL", "UBUNTU_USN-4428-1.NASL", "UBUNTU_USN-4444-1.NASL", "UBUNTU_USN-4455-1.NASL", "UBUNTU_USN-4468-1.NASL", "UBUNTU_USN-4474-1.NASL", "UBUNTU_USN-4474-2.NASL", "UBUNTU_USN-4476-1.NASL", "UBUNTU_USN-4491-1.NASL", "UBUNTU_USN-4493-1.NASL", "UBUNTU_USN-4582-1.NASL", "UBUNTU_USN-4593-1.NASL", "UBUNTU_USN-4601-1.NASL", "UBUNTU_USN-4657-1.NASL", "UBUNTU_USN-4658-1.NASL", "UBUNTU_USN-4659-1.NASL", "UBUNTU_USN-4660-1.NASL", "UBUNTU_USN-4662-1.NASL", "UBUNTU_USN-4680-1.NASL", "UBUNTU_USN-4698-1.NASL", "UBUNTU_USN-4705-1.NASL", "UBUNTU_USN-4748-1.NASL", "UBUNTU_USN-4749-1.NASL", "UBUNTU_USN-4750-1.NASL", "UBUNTU_USN-4751-1.NASL", "UBUNTU_USN-4752-1.NASL", "UBUNTU_USN-4754-3.NASL", "UBUNTU_USN-4852-1.NASL", "UBUNTU_USN-4912-1.NASL", "UBUNTU_USN-4991-1.NASL", "UBUNTU_USN-5147-1.NASL", "UBUNTU_USN-5200-1.NASL", "UBUNTU_USN-5425-1.NASL", "UBUNTU_USN-5431-1.NASL", "UBUNTU_USN-5455-1.NASL", "UBUNTU_USN-5715-1.NASL", "UBUNTU_USN-5725-1.NASL", "UBUNTU_USN-5725-2.NASL", "UBUNTU_USN-5873-1.NASL", "UBUNTU_USN-6208-1.NASL", "VIRTUOZZO_VZLSA-2020-4183.NASL", "VIRTUOZZO_VZLSA-2020-5011.NASL"]}, {"type": "nodejsblog", "idList": ["NODEJSBLOG:JANUARY-2021-SECURITY-RELEASES"]}, {"type": "openssl", "idList": ["OPENSSL:CVE-2020-1971"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113543", "OPENVAS:1361412562310113637", "OPENVAS:1361412562310113638", "OPENVAS:1361412562310113639", "OPENVAS:1361412562310113722", "OPENVAS:1361412562310113723", "OPENVAS:1361412562310113724", "OPENVAS:1361412562310704472", "OPENVAS:1361412562310704530", "OPENVAS:1361412562310704547", "OPENVAS:1361412562310704549", "OPENVAS:1361412562310704558", "OPENVAS:1361412562310704563", "OPENVAS:1361412562310704571", "OPENVAS:1361412562310704591", "OPENVAS:1361412562310704610", "OPENVAS:1361412562310704627", "OPENVAS:1361412562310704638", "OPENVAS:1361412562310704641", "OPENVAS:1361412562310704658", "OPENVAS:1361412562310704681", "OPENVAS:1361412562310704724", "OPENVAS:1361412562310815495", "OPENVAS:1361412562310815496", "OPENVAS:1361412562310815550", "OPENVAS:1361412562310815639", "OPENVAS:1361412562310815641", "OPENVAS:1361412562310815712", "OPENVAS:1361412562310815713", "OPENVAS:1361412562310815714", "OPENVAS:1361412562310815715", "OPENVAS:1361412562310815755", "OPENVAS:1361412562310815756", "OPENVAS:1361412562310815757", "OPENVAS:1361412562310815813", "OPENVAS:1361412562310815814", "OPENVAS:1361412562310815815", "OPENVAS:1361412562310815816", "OPENVAS:1361412562310815817", "OPENVAS:1361412562310815818", "OPENVAS:1361412562310815826", "OPENVAS:1361412562310815827", "OPENVAS:1361412562310815828", "OPENVAS:1361412562310815874", "OPENVAS:1361412562310815876", "OPENVAS:1361412562310816600", "OPENVAS:1361412562310816604", "OPENVAS:1361412562310816718", "OPENVAS:1361412562310816719", "OPENVAS:1361412562310816720", "OPENVAS:1361412562310816721", "OPENVAS:1361412562310816856", "OPENVAS:1361412562310816860", "OPENVAS:1361412562310817028", "OPENVAS:1361412562310817029", "OPENVAS:1361412562310817030", "OPENVAS:1361412562310843976", "OPENVAS:1361412562310844072", "OPENVAS:1361412562310844176", "OPENVAS:1361412562310844197", "OPENVAS:1361412562310844207", "OPENVAS:1361412562310844211", "OPENVAS:1361412562310844227", "OPENVAS:1361412562310844232", "OPENVAS:1361412562310844254", "OPENVAS:1361412562310844268", "OPENVAS:1361412562310844269", "OPENVAS:1361412562310844271", "OPENVAS:1361412562310844291", "OPENVAS:1361412562310844294", "OPENVAS:1361412562310844311", "OPENVAS:1361412562310844313", "OPENVAS:1361412562310844321", "OPENVAS:1361412562310844335", "OPENVAS:1361412562310844344", "OPENVAS:1361412562310844355", "OPENVAS:1361412562310844360", "OPENVAS:1361412562310844377", "OPENVAS:1361412562310844391", "OPENVAS:1361412562310844396", "OPENVAS:1361412562310844398", "OPENVAS:1361412562310844399", "OPENVAS:1361412562310844401", "OPENVAS:1361412562310844415", "OPENVAS:1361412562310844416", "OPENVAS:1361412562310844417", "OPENVAS:1361412562310844467", "OPENVAS:1361412562310844473", "OPENVAS:1361412562310844490", "OPENVAS:1361412562310852512", "OPENVAS:1361412562310852513", "OPENVAS:1361412562310852548", "OPENVAS:1361412562310852631", "OPENVAS:1361412562310852663", "OPENVAS:1361412562310852707", "OPENVAS:1361412562310852716", "OPENVAS:1361412562310852736", "OPENVAS:1361412562310852744", "OPENVAS:1361412562310852746", "OPENVAS:1361412562310852752", "OPENVAS:1361412562310852759", "OPENVAS:1361412562310852761", "OPENVAS:1361412562310852762", "OPENVAS:1361412562310852765", "OPENVAS:1361412562310852791", "OPENVAS:1361412562310852807", "OPENVAS:1361412562310852829", "OPENVAS:1361412562310852836", "OPENVAS:1361412562310852841", "OPENVAS:1361412562310852863", "OPENVAS:1361412562310852877", "OPENVAS:1361412562310852894", "OPENVAS:1361412562310852910", "OPENVAS:1361412562310852939", "OPENVAS:1361412562310852941", "OPENVAS:1361412562310852945", "OPENVAS:1361412562310852964", "OPENVAS:1361412562310852981", "OPENVAS:1361412562310852993", "OPENVAS:1361412562310853008", "OPENVAS:1361412562310853030", "OPENVAS:1361412562310853055", "OPENVAS:1361412562310853057", "OPENVAS:1361412562310853099", "OPENVAS:1361412562310853111", "OPENVAS:1361412562310853139", "OPENVAS:1361412562310853145", "OPENVAS:1361412562310853154", "OPENVAS:1361412562310853172", "OPENVAS:1361412562310853184", "OPENVAS:1361412562310853196", "OPENVAS:1361412562310853203", "OPENVAS:1361412562310853252", "OPENVAS:1361412562310853256", "OPENVAS:1361412562310876493", "OPENVAS:1361412562310876512", "OPENVAS:1361412562310876529", "OPENVAS:1361412562310876566", "OPENVAS:1361412562310876577", "OPENVAS:1361412562310876588", "OPENVAS:1361412562310876640", "OPENVAS:1361412562310876844", "OPENVAS:1361412562310876875", "OPENVAS:1361412562310876932", "OPENVAS:1361412562310876949", "OPENVAS:1361412562310876951", "OPENVAS:1361412562310876952", "OPENVAS:1361412562310876964", "OPENVAS:1361412562310876971", "OPENVAS:1361412562310876973", "OPENVAS:1361412562310876974", "OPENVAS:1361412562310876975", "OPENVAS:1361412562310876976", "OPENVAS:1361412562310876978", "OPENVAS:1361412562310877012", "OPENVAS:1361412562310877072", "OPENVAS:1361412562310877107", "OPENVAS:1361412562310877114", "OPENVAS:1361412562310877137", "OPENVAS:1361412562310877172", "OPENVAS:1361412562310877183", "OPENVAS:1361412562310877211", "OPENVAS:1361412562310877282", "OPENVAS:1361412562310877288", "OPENVAS:1361412562310877303", "OPENVAS:1361412562310877343", "OPENVAS:1361412562310877346", "OPENVAS:1361412562310877412", "OPENVAS:1361412562310877414", "OPENVAS:1361412562310877472", "OPENVAS:1361412562310877494", "OPENVAS:1361412562310877501", "OPENVAS:1361412562310877600", "OPENVAS:1361412562310877601", "OPENVAS:1361412562310877602", "OPENVAS:1361412562310877608", "OPENVAS:1361412562310877632", "OPENVAS:1361412562310877643", "OPENVAS:1361412562310877653", "OPENVAS:1361412562310877666", "OPENVAS:1361412562310877670", "OPENVAS:1361412562310877684", "OPENVAS:1361412562310877701", "OPENVAS:1361412562310877721", "OPENVAS:1361412562310877723", "OPENVAS:1361412562310877724", "OPENVAS:1361412562310877732", "OPENVAS:1361412562310877744", "OPENVAS:1361412562310877758", "OPENVAS:1361412562310877770", "OPENVAS:1361412562310877784", "OPENVAS:1361412562310877789", "OPENVAS:1361412562310877872", "OPENVAS:1361412562310877895", "OPENVAS:1361412562310877945", "OPENVAS:1361412562310878002", "OPENVAS:1361412562310878019", "OPENVAS:1361412562310878038", "OPENVAS:1361412562310883126", "OPENVAS:1361412562310883132", "OPENVAS:1361412562310891756", "OPENVAS:1361412562310891839", "OPENVAS:1361412562310891912", "OPENVAS:1361412562310891931", "OPENVAS:1361412562310891955", "OPENVAS:1361412562310891967", "OPENVAS:1361412562310891973", "OPENVAS:1361412562310891987", "OPENVAS:1361412562310891997", "OPENVAS:1361412562310892038", "OPENVAS:1361412562310892044", "OPENVAS:1361412562310892048", "OPENVAS:1361412562310892088", "OPENVAS:1361412562310892280", "OPENVAS:1361412562311220191317", "OPENVAS:1361412562311220191318", "OPENVAS:1361412562311220191592", "OPENVAS:1361412562311220191606", "OPENVAS:1361412562311220191625", "OPENVAS:1361412562311220191758", "OPENVAS:1361412562311220191783", "OPENVAS:1361412562311220191841", "OPENVAS:1361412562311220191935", "OPENVAS:1361412562311220192063", "OPENVAS:1361412562311220192103", "OPENVAS:1361412562311220192107", "OPENVAS:1361412562311220192114", "OPENVAS:1361412562311220192115", "OPENVAS:1361412562311220192119", "OPENVAS:1361412562311220192145", "OPENVAS:1361412562311220192225", "OPENVAS:1361412562311220192256", "OPENVAS:1361412562311220192276", "OPENVAS:1361412562311220192286", "OPENVAS:1361412562311220192290", "OPENVAS:1361412562311220192305", "OPENVAS:1361412562311220192433", "OPENVAS:1361412562311220192442", "OPENVAS:1361412562311220192456", "OPENVAS:1361412562311220192519", "OPENVAS:1361412562311220192541", "OPENVAS:1361412562311220192551", "OPENVAS:1361412562311220192612", "OPENVAS:1361412562311220192627", "OPENVAS:1361412562311220192653", "OPENVAS:1361412562311220192703", "OPENVAS:1361412562311220192712", "OPENVAS:1361412562311220201044", "OPENVAS:1361412562311220201048", "OPENVAS:1361412562311220201050", "OPENVAS:1361412562311220201072", "OPENVAS:1361412562311220201074", "OPENVAS:1361412562311220201075", "OPENVAS:1361412562311220201079", "OPENVAS:1361412562311220201082", "OPENVAS:1361412562311220201085", "OPENVAS:1361412562311220201117", "OPENVAS:1361412562311220201132", "OPENVAS:1361412562311220201145", "OPENVAS:1361412562311220201153", "OPENVAS:1361412562311220201159", "OPENVAS:1361412562311220201164", "OPENVAS:1361412562311220201165", "OPENVAS:1361412562311220201180", "OPENVAS:1361412562311220201212", "OPENVAS:1361412562311220201215", "OPENVAS:1361412562311220201217", "OPENVAS:1361412562311220201249", "OPENVAS:1361412562311220201275", "OPENVAS:1361412562311220201288", "OPENVAS:1361412562311220201295", "OPENVAS:1361412562311220201296", "OPENVAS:1361412562311220201300", "OPENVAS:1361412562311220201310", "OPENVAS:1361412562311220201321", "OPENVAS:1361412562311220201332", "OPENVAS:1361412562311220201336", "OPENVAS:1361412562311220201344", "OPENVAS:1361412562311220201346", "OPENVAS:1361412562311220201358", "OPENVAS:1361412562311220201362", "OPENVAS:1361412562311220201364", "OPENVAS:1361412562311220201369", "OPENVAS:1361412562311220201377", "OPENVAS:1361412562311220201405", "OPENVAS:1361412562311220201408", "OPENVAS:1361412562311220201427", "OPENVAS:1361412562311220201434", "OPENVAS:1361412562311220201437", "OPENVAS:1361412562311220201442", "OPENVAS:1361412562311220201445", "OPENVAS:1361412562311220201472", "OPENVAS:1361412562311220201474", "OPENVAS:1361412562311220201487", "OPENVAS:1361412562311220201509", "OPENVAS:1361412562311220201510", "OPENVAS:1361412562311220201516", "OPENVAS:1361412562311220201533", "OPENVAS:1361412562311220201558", "OPENVAS:1361412562311220201562", "OPENVAS:1361412562311220201569", "OPENVAS:1361412562311220201574", "OPENVAS:1361412562311220201579", "OPENVAS:1361412562311220201599", "OPENVAS:1361412562311220201607", "OPENVAS:1361412562311220201623", "OPENVAS:1361412562311220201624", "OPENVAS:1361412562311220201631", "OPENVAS:1361412562311220201646", "OPENVAS:1361412562311220201667", "OPENVAS:1361412562311220201670", "OPENVAS:1361412562311220201689", "OPENVAS:1361412562311220201693", "OPENVAS:1361412562311220201697", "OPENVAS:1361412562311220201699", "OPENVAS:1361412562311220201702", "OPENVAS:1361412562311220201712", "OPENVAS:1361412562311220201764", "OPENVAS:1361412562311220201768", "OPENVAS:1361412562311220201779", "OPENVAS:1361412562311220201791"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-2020-12-09-1", "OPENWRT-SA-2021-01-19-1"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUAPR2022", "ORACLE:CPUAPR2023", "ORACLE:CPUJAN2020", "ORACLE:CPUJAN2021", "ORACLE:CPUJUL2020", "ORACLE:CPUJUL2021", "ORACLE:CPUJUL2022", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2020", "ORACLE:CPUOCT2021", "ORACLE:CPUOCT2022", "ORACLE:CPUOCT2023"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3210", "ELSA-2019-3237", "ELSA-2020-3662", "ELSA-2020-3665", "ELSA-2020-3888", "ELSA-2020-3911", "ELSA-2020-3952", "ELSA-2020-3996", "ELSA-2020-4005", "ELSA-2020-4035", "ELSA-2020-4076", "ELSA-2020-4183", "ELSA-2020-4432", "ELSA-2020-4433", "ELSA-2020-4442", "ELSA-2020-4443", "ELSA-2020-4444", "ELSA-2020-4451", "ELSA-2020-4453", "ELSA-2020-4464", "ELSA-2020-4465", "ELSA-2020-4479", "ELSA-2020-4482", "ELSA-2020-4484", "ELSA-2020-4490", "ELSA-2020-4497", "ELSA-2020-4500", "ELSA-2020-4508", "ELSA-2020-4539", "ELSA-2020-4542", "ELSA-2020-4545", "ELSA-2020-4547", "ELSA-2020-4641", "ELSA-2020-4654", "ELSA-2020-4694", "ELSA-2020-4760", "ELSA-2020-4805", "ELSA-2020-4907", "ELSA-2020-4952", "ELSA-2020-5009", "ELSA-2020-5010", "ELSA-2020-5011", "ELSA-2020-5476", "ELSA-2020-5483", "ELSA-2020-5493", "ELSA-2020-5566-1", "ELSA-2020-5662", "ELSA-2020-5823", "ELSA-2020-5825", "ELSA-2020-5827", "ELSA-2020-5828", "ELSA-2020-5900", "ELSA-2020-5966", "ELSA-2021-0150", "ELSA-2021-0153", "ELSA-2021-0218", "ELSA-2021-0221", "ELSA-2021-0348", "ELSA-2021-0538", "ELSA-2021-0558", "ELSA-2021-0671", "ELSA-2021-0856", "ELSA-2021-1796", "ELSA-2021-9002", "ELSA-2021-9005", "ELSA-2021-9006", "ELSA-2021-9007", "ELSA-2021-9008", "ELSA-2021-9019", "ELSA-2021-9052", "ELSA-2021-9121", "ELSA-2021-9137", "ELSA-2021-9150", "ELSA-2021-9169", "ELSA-2021-9212", "ELSA-2022-5234", "ELSA-2022-9204"]}, {"type": "osv", "idList": ["OSV:ASB-A-171232105", "OSV:ASB-A-174737972", "OSV:ASB-A-175451802", "OSV:CVE-2018-14462", "OSV:CVE-2018-14463", "OSV:CVE-2018-14465", "OSV:CVE-2018-14468", "OSV:CVE-2018-14469", "OSV:CVE-2018-14879", "OSV:CVE-2018-14880", "OSV:CVE-2018-14882", "OSV:CVE-2018-16229", "OSV:CVE-2019-11068", "OSV:CVE-2019-14889", "OSV:CVE-2019-16168", "OSV:CVE-2019-16935", "OSV:CVE-2019-20907", "OSV:CVE-2020-12400", "OSV:CVE-2020-12403", "OSV:CVE-2020-14422", "OSV:CVE-2020-1730", "OSV:CVE-2020-24659", "OSV:CVE-2020-25681", "OSV:CVE-2020-25682", "OSV:CVE-2020-25685", "OSV:CVE-2020-6829", "OSV:CVE-2020-8492", "OSV:CVE-2020-8619", "OSV:CVE-2020-8624", "OSV:CVE-2021-3121", "OSV:DLA-1756-1", "OSV:DLA-1839-1", "OSV:DLA-1912-1", "OSV:DLA-1931-1", "OSV:DLA-1931-2", "OSV:DLA-1955-1", "OSV:DLA-1967-1", "OSV:DLA-1973-1", "OSV:DLA-1987-1", "OSV:DLA-1997-1", "OSV:DLA-2038-1", "OSV:DLA-2044-1", "OSV:DLA-2048-1", "OSV:DLA-2088-1", "OSV:DLA-2280-1", "OSV:DLA-2337-1", "OSV:DLA-2340-1", "OSV:DLA-2340-2", "OSV:DLA-2355-1", "OSV:DLA-2369-1", "OSV:DLA-2370-1", "OSV:DLA-2388-1", "OSV:DLA-2402-1", "OSV:DLA-2453-1", "OSV:DLA-2455-1", "OSV:DLA-2456-1", "OSV:DLA-2459-1", "OSV:DLA-2460-1", "OSV:DLA-2483-1", "OSV:DLA-2492-1", "OSV:DLA-2493-1", "OSV:DLA-2494-1", "OSV:DLA-2520-1", "OSV:DLA-2557-1", "OSV:DLA-2586-1", "OSV:DLA-2628-1", "OSV:DLA-2645-1", "OSV:DLA-2876-1", "OSV:DLA-2987-1", "OSV:DLA-3152-1", "OSV:DLA-3202-1", "OSV:DLA-3327-1", "OSV:DLA-3363-1", "OSV:DLA-3424-1", "OSV:DLA-3432-1", "OSV:DLA-3437-1", "OSV:DLA-3455-1", "OSV:DSA-4472-1", "OSV:DSA-4530-1", "OSV:DSA-4549-1", "OSV:DSA-4558-1", "OSV:DSA-4563-1", "OSV:DSA-4571-1", "OSV:DSA-4591-1", "OSV:DSA-4610-1", "OSV:DSA-4627-1", "OSV:DSA-4638-1", "OSV:DSA-4641-1", "OSV:DSA-4658-1", "OSV:DSA-4681-1", "OSV:DSA-4724-1", "OSV:DSA-4739-1", "OSV:DSA-4752-1", "OSV:DSA-4777-1", "OSV:DSA-4824-1", "OSV:DSA-4843-1", "OSV:DSA-4844-1", "OSV:DSA-4848-1", "OSV:GHSA-242X-7CM6-4W8J", "OSV:GHSA-25XM-HR59-7C27", "OSV:GHSA-3VM4-22FP-5RFM", "OSV:GHSA-3XH2-74W9-5VXM", "OSV:GHSA-5RCV-M4M3-HFH7", "OSV:GHSA-7553-JR98-VX47", "OSV:GHSA-7RRM-V45F-JP64", "OSV:GHSA-C3H9-896R-86JM", "OSV:GHSA-FFHG-7MH4-33C4", "OSV:GHSA-GPVV-69J7-GWJ8", "OSV:GHSA-M6GX-RHVJ-FH52", "OSV:GHSA-PV36-H7JH-QM62", "OSV:GHSA-Q6GQ-997W-F55G", "OSV:GHSA-QXCG-XJJG-66MJ", "OSV:GHSA-W73W-5M7G-F7QC", "OSV:GHSA-XJQR-G762-PXWP", "OSV:GO-2020-0012", "OSV:GO-2020-0015", "OSV:GO-2020-0017", "OSV:GO-2020-0019", "OSV:GO-2021-0053", "OSV:GO-2021-0069", "OSV:GO-2021-0141", "OSV:GO-2021-0142", "OSV:GO-2021-0224", "OSV:GO-2021-0225", "OSV:GO-2021-0227", "OSV:GO-2022-0230", "OSV:PYSEC-2020-173"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155112", "PACKETSTORM:156480", "PACKETSTORM:157378", "PACKETSTORM:157926", "PACKETSTORM:159447", "PACKETSTORM:160681", "PACKETSTORM:161160", "PACKETSTORM:161230", "PACKETSTORM:161270", "PACKETSTORM:161293"]}, {"type": "paloalto", "idList": ["PA-CVE-2021-3156"]}, {"type": "photon", "idList": ["PHSA-2019-0010", "PHSA-2019-0024", "PHSA-2019-0026", "PHSA-2019-0034", "PHSA-2019-0035", "PHSA-2019-0036", "PHSA-2019-0037", "PHSA-2019-0043", "PHSA-2019-0152", "PHSA-2019-0171", "PHSA-2019-0182", "PHSA-2019-0184", "PHSA-2019-0187", "PHSA-2019-0189", "PHSA-2019-0190", "PHSA-2019-0224", "PHSA-2019-0246", "PHSA-2019-0247", "PHSA-2019-0255", "PHSA-2019-0257", "PHSA-2019-1.0-0224", "PHSA-2019-1.0-0246", "PHSA-2019-1.0-0247", "PHSA-2019-1.0-0255", "PHSA-2019-1.0-0257", "PHSA-2019-2.0-0152", "PHSA-2019-2.0-0171", "PHSA-2019-2.0-0182", "PHSA-2019-2.0-0184", "PHSA-2019-2.0-0187", "PHSA-2019-2.0-0189", "PHSA-2019-2.0-0190", "PHSA-2019-3.0-0010", "PHSA-2019-3.0-0024", "PHSA-2019-3.0-0026", "PHSA-2019-3.0-0034", "PHSA-2019-3.0-0035", "PHSA-2019-3.0-0036", "PHSA-2019-3.0-0037", "PHSA-2019-3.0-0043", "PHSA-2020-0049", "PHSA-2020-0055", "PHSA-2020-0057", "PHSA-2020-0067", "PHSA-2020-0077", "PHSA-2020-0078", "PHSA-2020-0083", "PHSA-2020-0093", "PHSA-2020-0097", "PHSA-2020-0101", "PHSA-2020-0102", "PHSA-2020-0111", "PHSA-2020-0115", "PHSA-2020-0118", "PHSA-2020-0130", "PHSA-2020-0135", "PHSA-2020-0142", "PHSA-2020-0146", "PHSA-2020-0160", "PHSA-2020-0174", "PHSA-2020-0175", "PHSA-2020-0200", "PHSA-2020-0203", "PHSA-2020-0205", "PHSA-2020-0207", "PHSA-2020-0216", "PHSA-2020-0225", "PHSA-2020-0226", "PHSA-2020-0227", "PHSA-2020-0234", "PHSA-2020-0242", "PHSA-2020-0248", "PHSA-2020-0249", "PHSA-2020-0251", "PHSA-2020-0254", "PHSA-2020-0258", "PHSA-2020-0263", "PHSA-2020-0264", "PHSA-2020-0270", "PHSA-2020-0271", "PHSA-2020-0272", "PHSA-2020-0273", "PHSA-2020-0283", "PHSA-2020-0288", "PHSA-2020-0289", "PHSA-2020-0298", "PHSA-2020-0300", "PHSA-2020-0301", "PHSA-2020-0304", "PHSA-2020-0309", "PHSA-2020-0316", "PHSA-2020-0320", "PHSA-2020-0325", "PHSA-2020-0330", "PHSA-2020-0338", "PHSA-2020-0345", "PHSA-2020-0350", "PHSA-2020-1.0-0264", "PHSA-2020-1.0-0271", "PHSA-2020-1.0-0272", "PHSA-2020-1.0-0273", "PHSA-2020-1.0-0283", "PHSA-2020-1.0-0288", "PHSA-2020-1.0-0289", "PHSA-2020-1.0-0298", "PHSA-2020-1.0-0300", "PHSA-2020-1.0-0301", "PHSA-2020-1.0-0304", "PHSA-2020-1.0-0309", "PHSA-2020-1.0-0316", "PHSA-2020-1.0-0320", "PHSA-2020-1.0-0330", "PHSA-2020-1.0-0338", "PHSA-2020-1.0-0345", "PHSA-2020-1.0-0350", "PHSA-2020-2.0-0200", "PHSA-2020-2.0-0203", "PHSA-2020-2.0-0205", "PHSA-2020-2.0-0207", "PHSA-2020-2.0-0216", "PHSA-2020-2.0-0225", "PHSA-2020-2.0-0226", "PHSA-2020-2.0-0227", "PHSA-2020-2.0-0234", "PHSA-2020-2.0-0242", "PHSA-2020-2.0-0248", "PHSA-2020-2.0-0249", "PHSA-2020-2.0-0251", "PHSA-2020-2.0-0254", "PHSA-2020-2.0-0258", "PHSA-2020-2.0-0263", "PHSA-2020-2.0-0265", "PHSA-2020-2.0-0276", "PHSA-2020-2.0-0279", "PHSA-2020-2.0-0288", "PHSA-2020-2.0-0304", "PHSA-2020-3.0-0049", "PHSA-2020-3.0-0055", "PHSA-2020-3.0-0057", "PHSA-2020-3.0-0067", "PHSA-2020-3.0-0077", "PHSA-2020-3.0-0078", "PHSA-2020-3.0-0083", "PHSA-2020-3.0-0093", "PHSA-2020-3.0-0097", "PHSA-2020-3.0-0101", "PHSA-2020-3.0-0102", "PHSA-2020-3.0-0111", "PHSA-2020-3.0-0115", "PHSA-2020-3.0-0118", "PHSA-2020-3.0-0130", "PHSA-2020-3.0-0135", "PHSA-2020-3.0-0142", "PHSA-2020-3.0-0146", "PHSA-2020-3.0-0160", "PHSA-2020-3.0-0174", "PHSA-2020-3.0-0175", "PHSA-2021-0007", "PHSA-2021-0105", "PHSA-2021-0182", "PHSA-2021-0186", "PHSA-2021-0188", "PHSA-2021-0197", "PHSA-2021-0254", "PHSA-2021-0303", "PHSA-2021-0308", "PHSA-2021-0312", "PHSA-2021-0315", "PHSA-2021-0356", "PHSA-2021-0358", "PHSA-2021-0404", "PHSA-2021-1.0-0356", "PHSA-2021-1.0-0358", "PHSA-2021-1.0-0404", "PHSA-2021-2.0-0308", "PHSA-2021-2.0-0312", "PHSA-2021-2.0-0315", "PHSA-2021-2.0-0358", "PHSA-2021-3.0-0182", "PHSA-2021-3.0-0186", "PHSA-2021-3.0-0188", "PHSA-2021-3.0-0197", "PHSA-2021-3.0-0254", "PHSA-2021-3.0-0303", "PHSA-2021-4.0-0007", "PHSA-2021-4.0-0105", "PHSA-2022-0364", "PHSA-2022-0442", "PHSA-2022-0472", "PHSA-2022-3.0-0364", "PHSA-2022-4.0-0156", "PHSA-2023-3.0-0601", "PHSA-2023-4.0-0414"]}, {"type": "prion", "idList": ["PRION:CVE-2018-10103", "PRION:CVE-2018-10105", "PRION:CVE-2018-14461", "PRION:CVE-2018-14462", "PRION:CVE-2018-14463", "PRION:CVE-2018-14464", "PRION:CVE-2018-14465", "PRION:CVE-2018-14466", "PRION:CVE-2018-14467", "PRION:CVE-2018-14468", "PRION:CVE-2018-14469", "PRION:CVE-2018-14470", "PRION:CVE-2018-14879", "PRION:CVE-2018-14880", "PRION:CVE-2018-14881", "PRION:CVE-2018-14882", "PRION:CVE-2018-16227", "PRION:CVE-2018-16228", "PRION:CVE-2018-16229", "PRION:CVE-2018-16230", "PRION:CVE-2018-16300", "PRION:CVE-2018-16451", "PRION:CVE-2018-16452", "PRION:CVE-2018-20843", "PRION:CVE-2019-11068", "PRION:CVE-2019-13050", "PRION:CVE-2019-13627", "PRION:CVE-2019-14559", "PRION:CVE-2019-14889", "PRION:CVE-2019-15165", "PRION:CVE-2019-15166", "PRION:CVE-2019-15167", "PRION:CVE-2019-15903", "PRION:CVE-2019-16168", "PRION:CVE-2019-16935", "PRION:CVE-2019-17450", "PRION:CVE-2019-18197", "PRION:CVE-2019-19221", "PRION:CVE-2019-19906", "PRION:CVE-2019-19956", "PRION:CVE-2019-20218", "PRION:CVE-2019-20387", "PRION:CVE-2019-20388", "PRION:CVE-2019-20454", "PRION:CVE-2019-20807", "PRION:CVE-2019-20838", "PRION:CVE-2019-20907", "PRION:CVE-2019-20916", "PRION:CVE-2019-5018", "PRION:CVE-2019-8625", "PRION:CVE-2019-8710", "PRION:CVE-2019-8720", "PRION:CVE-2019-8743", "PRION:CVE-2019-8764", "PRION:CVE-2019-8766", "PRION:CVE-2019-8769", "PRION:CVE-2019-8771", "PRION:CVE-2019-8782", "PRION:CVE-2019-8783", "PRION:CVE-2019-8808", "PRION:CVE-2019-8811", "PRION:CVE-2019-8812", "PRION:CVE-2019-8813", "PRION:CVE-2019-8814", "PRION:CVE-2019-8815", "PRION:CVE-2019-8816", "PRION:CVE-2019-8819", "PRION:CVE-2019-8820", "PRION:CVE-2019-8823", "PRION:CVE-2019-8835", "PRION:CVE-2019-8844", "PRION:CVE-2019-8846", "PRION:CVE-2020-10018", "PRION:CVE-2020-10029", "PRION:CVE-2020-11793", "PRION:CVE-2020-12321", "PRION:CVE-2020-12400", "PRION:CVE-2020-12403", "PRION:CVE-2020-13630", "PRION:CVE-2020-13631", "PRION:CVE-2020-13632", "PRION:CVE-2020-14040", "PRION:CVE-2020-14351", "PRION:CVE-2020-14382", "PRION:CVE-2020-14391", "PRION:CVE-2020-14422", "PRION:CVE-2020-15503", "PRION:CVE-2020-15586", "PRION:CVE-2020-15999", "PRION:CVE-2020-16845", "PRION:CVE-2020-1730", "PRION:CVE-2020-1751", "PRION:CVE-2020-1752", "PRION:CVE-2020-1971", "PRION:CVE-2020-24659", "PRION:CVE-2020-25681", "PRION:CVE-2020-25682", "PRION:CVE-2020-25683", "PRION:CVE-2020-25684", "PRION:CVE-2020-25685", "PRION:CVE-2020-25686", "PRION:CVE-2020-25687", "PRION:CVE-2020-25705", "PRION:CVE-2020-26160", "PRION:CVE-2020-27813", "PRION:CVE-2020-28362", "PRION:CVE-2020-29652", "PRION:CVE-2020-29661", "PRION:CVE-2020-3862", "PRION:CVE-2020-3864", "PRION:CVE-2020-3865", "PRION:CVE-2020-3867", "PRION:CVE-2020-3868", "PRION:CVE-2020-3885", "PRION:CVE-2020-3894", "PRION:CVE-2020-3895", "PRION:CVE-2020-3897", "PRION:CVE-2020-3899", "PRION:CVE-2020-3900", "PRION:CVE-2020-3901", "PRION:CVE-2020-3902", "PRION:CVE-2020-6405", "PRION:CVE-2020-6829", "PRION:CVE-2020-7595", "PRION:CVE-2020-8492", "PRION:CVE-2020-8619", "PRION:CVE-2020-8622", "PRION:CVE-2020-8623", "PRION:CVE-2020-8624", "PRION:CVE-2020-9283", "PRION:CVE-2020-9327", "PRION:CVE-2020-9802", "PRION:CVE-2020-9803", "PRION:CVE-2020-9805", "PRION:CVE-2020-9806", "PRION:CVE-2020-9807", "PRION:CVE-2020-9843", "PRION:CVE-2020-9850", "PRION:CVE-2020-9862", "PRION:CVE-2020-9893", "PRION:CVE-2020-9894", "PRION:CVE-2020-9895", "PRION:CVE-2020-9915", "PRION:CVE-2020-9925", "PRION:CVE-2021-20206", "PRION:CVE-2021-29482", "PRION:CVE-2021-3121", "PRION:CVE-2021-3156"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:0082A77BD8EFFF48B406D107FEFD0DD3", "QUALYSBLOG:8A2B26102098E31C5F8E392A55929F58", "QUALYSBLOG:96DCE4C98C4BF0770916E3FFC1290807", "QUALYSBLOG:A341C9278C6DD389E0F263AE83CB5579", "QUALYSBLOG:E9408B9A1592F0FED621B417D14ABECD"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:46A54401F6ED43B72F664A32EA043CB8", "RAPID7BLOG:73EAE8A2825E9B6764F314122B4E5F25", "RAPID7BLOG:8F65784C67333FC453D98DBB9FBEBA4C", "RAPID7BLOG:B7BFF90DF2218C3CFB5ABB1CFE63700E", "RAPID7BLOG:BCCD03F6B72FD7F9410FC063D6F16682", "RAPID7BLOG:CBB459355DA52AAEA21DDFD10D5B6FDB"]}, {"type": "redhat", "idList": ["RHSA-2019:3193", "RHSA-2019:3196", "RHSA-2019:3210", "RHSA-2019:3237", "RHSA-2019:3756", "RHSA-2020:0514", "RHSA-2020:1605", "RHSA-2020:2412", "RHSA-2020:2413", "RHSA-2020:2644", "RHSA-2020:2646", "RHSA-2020:2789", "RHSA-2020:2790", "RHSA-2020:2793", "RHSA-2020:2878", "RHSA-2020:3078", "RHSA-2020:3369", "RHSA-2020:3372", "RHSA-2020:3414", "RHSA-2020:3578", "RHSA-2020:3662", "RHSA-2020:3665", "RHSA-2020:3727", "RHSA-2020:3780", "RHSA-2020:3783", "RHSA-2020:3809", "RHSA-2020:3888", "RHSA-2020:3911", "RHSA-2020:3952", "RHSA-2020:3996", "RHSA-2020:4005", "RHSA-2020:4035", "RHSA-2020:4076", "RHSA-2020:4183", "RHSA-2020:4201", "RHSA-2020:4214", "RHSA-2020:4254", "RHSA-2020:4255", "RHSA-2020:4264", "RHSA-2020:4273", "RHSA-2020:4285", "RHSA-2020:4297", "RHSA-2020:4298", "RHSA-2020:4299", "RHSA-2020:4351", "RHSA-2020:4432", "RHSA-2020:4433", "RHSA-2020:4442", "RHSA-2020:4443", "RHSA-2020:4444", "RHSA-2020:4451", "RHSA-2020:4453", "RHSA-2020:4464", "RHSA-2020:4465", "RHSA-2020:4479", "RHSA-2020:4482", "RHSA-2020:4484", "RHSA-2020:4490", "RHSA-2020:4497", "RHSA-2020:4500", "RHSA-2020:4508", "RHSA-2020:4539", "RHSA-2020:4542", "RHSA-2020:4545", "RHSA-2020:4547", "RHSA-2020:4641", "RHSA-2020:4654", "RHSA-2020:4694", "RHSA-2020:4760", "RHSA-2020:4805", "RHSA-2020:4846", "RHSA-2020:4900", "RHSA-2020:4907", "RHSA-2020:4949", "RHSA-2020:4950", "RHSA-2020:4951", "RHSA-2020:4952", "RHSA-2020:4992", "RHSA-2020:5009", "RHSA-2020:5010", "RHSA-2020:5011", "RHSA-2020:5054", "RHSA-2020:5055", "RHSA-2020:5056", "RHSA-2020:5118", "RHSA-2020:5119", "RHSA-2020:5149", "RHSA-2020:5159", "RHSA-2020:5194", "RHSA-2020:5198", "RHSA-2020:5203", "RHSA-2020:5218", "RHSA-2020:5333", "RHSA-2020:5359", "RHSA-2020:5364", "RHSA-2020:5416", "RHSA-2020:5422", "RHSA-2020:5476", "RHSA-2020:5479", "RHSA-2020:5483", "RHSA-2020:5493", "RHSA-2020:5566", "RHSA-2020:5588", "RHSA-2020:5605", "RHSA-2020:5606", "RHSA-2020:5614", "RHSA-2020:5623", "RHSA-2020:5633", "RHSA-2020:5634", "RHSA-2020:5635", "RHSA-2020:5637", "RHSA-2020:5639", "RHSA-2020:5640", "RHSA-2020:5641", "RHSA-2020:5642", "RHSA-2020:5649", "RHSA-2021:0037", "RHSA-2021:0038", "RHSA-2021:0039", "RHSA-2021:0050", "RHSA-2021:0056", "RHSA-2021:0072", "RHSA-2021:0083", "RHSA-2021:0100", "RHSA-2021:0145", "RHSA-2021:0146", "RHSA-2021:0150", "RHSA-2021:0151", "RHSA-2021:0152", "RHSA-2021:0153", "RHSA-2021:0154", "RHSA-2021:0155", "RHSA-2021:0156", "RHSA-2021:0172", "RHSA-2021:0183", "RHSA-2021:0187", "RHSA-2021:0190", "RHSA-2021:0218", "RHSA-2021:0219", "RHSA-2021:0220", "RHSA-2021:0221", "RHSA-2021:0222", "RHSA-2021:0223", "RHSA-2021:0224", "RHSA-2021:0225", "RHSA-2021:0226", "RHSA-2021:0227", "RHSA-2021:0240", "RHSA-2021:0245", "RHSA-2021:0258", "RHSA-2021:0266", "RHSA-2021:0281", "RHSA-2021:0308", "RHSA-2021:0310", "RHSA-2021:0313", "RHSA-2021:0339", "RHSA-2021:0348", "RHSA-2021:0354", "RHSA-2021:0395", "RHSA-2021:0401", "RHSA-2021:0420", "RHSA-2021:0436", "RHSA-2021:0486", "RHSA-2021:0488", "RHSA-2021:0489", "RHSA-2021:0491", "RHSA-2021:0494", "RHSA-2021:0495", "RHSA-2021:0516", "RHSA-2021:0528", "RHSA-2021:0537", "RHSA-2021:0538", "RHSA-2021:0558", "RHSA-2021:0568", "RHSA-2021:0607", "RHSA-2021:0686", "RHSA-2021:0689", "RHSA-2021:0713", "RHSA-2021:0719", "RHSA-2021:0758", "RHSA-2021:0761", "RHSA-2021:0763", "RHSA-2021:0765", "RHSA-2021:0774", "RHSA-2021:0778", "RHSA-2021:0833", "RHSA-2021:0848", "RHSA-2021:0856", "RHSA-2021:0857", "RHSA-2021:0862", "RHSA-2021:0876", "RHSA-2021:0878", "RHSA-2021:0881", "RHSA-2021:0940", "RHSA-2021:0949", "RHSA-2021:0956", "RHSA-2021:0980", "RHSA-2021:1005", "RHSA-2021:1006", "RHSA-2021:1007", "RHSA-2021:1016", "RHSA-2021:1026", "RHSA-2021:1028", "RHSA-2021:1031", "RHSA-2021:1079", "RHSA-2021:1129", "RHSA-2021:1168", "RHSA-2021:1225", "RHSA-2021:1227", "RHSA-2021:1267", "RHSA-2021:1288", "RHSA-2021:1366", "RHSA-2021:1369", "RHSA-2021:1448", "RHSA-2021:1515", "RHSA-2021:1531", "RHSA-2021:1551", "RHSA-2021:1552", "RHSA-2021:1561", "RHSA-2021:1563", "RHSA-2021:1796", "RHSA-2021:1968", "RHSA-2021:2021", "RHSA-2021:2039", "RHSA-2021:2041", "RHSA-2021:2042", "RHSA-2021:2053", "RHSA-2021:2121", "RHSA-2021:2122", "RHSA-2021:2136", "RHSA-2021:2164", "RHSA-2021:2191", "RHSA-2021:2286", "RHSA-2021:2355", "RHSA-2021:2374", "RHSA-2021:2437", "RHSA-2021:2438", "RHSA-2021:2461", "RHSA-2021:2532", "RHSA-2021:2543", "RHSA-2021:2920", "RHSA-2021:2977", "RHSA-2021:2998", "RHSA-2021:3001", "RHSA-2021:3016", "RHSA-2021:3140", "RHSA-2021:3259", "RHSA-2021:3262", "RHSA-2021:3303", "RHSA-2021:3315", "RHSA-2021:3361", "RHSA-2021:3759", "RHSA-2021:3925", "RHSA-2021:4103", "RHSA-2021:4104", "RHSA-2021:5110", "RHSA-2022:0056", "RHSA-2022:0283", "RHSA-2022:0492", "RHSA-2022:0577", "RHSA-2022:1276", "RHSA-2022:1660", "RHSA-2022:1679", "RHSA-2022:5234", "RHSA-2022:5840", "RHSA-2022:5924", "RHSA-2022:6133", "RHSA-2022:6429", "RHSA-2022:6536", "RHSA-2022:6916", "RHSA-2022:7887"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-10103", "RH:CVE-2018-10105", "RH:CVE-2018-14461", "RH:CVE-2018-14462", "RH:CVE-2018-14463", "RH:CVE-2018-14464", "RH:CVE-2018-14465", "RH:CVE-2018-14466", "RH:CVE-2018-14467", "RH:CVE-2018-14468", "RH:CVE-2018-14469", "RH:CVE-2018-14470", "RH:CVE-2018-14879", "RH:CVE-2018-14880", "RH:CVE-2018-14881", "RH:CVE-2018-14882", "RH:CVE-2018-16227", "RH:CVE-2018-16228", "RH:CVE-2018-16229", "RH:CVE-2018-16230", "RH:CVE-2018-16300", "RH:CVE-2018-16451", "RH:CVE-2018-16452", "RH:CVE-2018-20843", "RH:CVE-2019-11068", "RH:CVE-2019-13050", "RH:CVE-2019-13627", "RH:CVE-2019-14559", "RH:CVE-2019-14889", "RH:CVE-2019-15165", "RH:CVE-2019-15166", "RH:CVE-2019-15167", "RH:CVE-2019-15903", "RH:CVE-2019-16168", "RH:CVE-2019-16935", "RH:CVE-2019-17450", "RH:CVE-2019-18197", "RH:CVE-2019-19221", "RH:CVE-2019-19906", "RH:CVE-2019-19956", "RH:CVE-2019-20218", "RH:CVE-2019-20387", "RH:CVE-2019-20388", "RH:CVE-2019-20454", "RH:CVE-2019-20807", "RH:CVE-2019-20838", "RH:CVE-2019-20907", "RH:CVE-2019-20916", "RH:CVE-2019-5018", "RH:CVE-2019-8625", "RH:CVE-2019-8710", "RH:CVE-2019-8720", "RH:CVE-2019-8743", "RH:CVE-2019-8764", "RH:CVE-2019-8766", "RH:CVE-2019-8769", "RH:CVE-2019-8771", "RH:CVE-2019-8782", "RH:CVE-2019-8783", "RH:CVE-2019-8808", "RH:CVE-2019-8811", "RH:CVE-2019-8812", "RH:CVE-2019-8813", "RH:CVE-2019-8814", "RH:CVE-2019-8815", "RH:CVE-2019-8816", "RH:CVE-2019-8819", "RH:CVE-2019-8820", "RH:CVE-2019-8823", "RH:CVE-2019-8835", "RH:CVE-2019-8844", "RH:CVE-2019-8846", "RH:CVE-2020-10018", "RH:CVE-2020-10029", "RH:CVE-2020-11793", "RH:CVE-2020-12321", "RH:CVE-2020-12400", "RH:CVE-2020-12403", "RH:CVE-2020-13630", "RH:CVE-2020-13631", "RH:CVE-2020-13632", "RH:CVE-2020-14040", "RH:CVE-2020-14351", "RH:CVE-2020-14382", "RH:CVE-2020-14391", "RH:CVE-2020-14422", "RH:CVE-2020-15503", "RH:CVE-2020-15586", "RH:CVE-2020-15999", "RH:CVE-2020-16845", "RH:CVE-2020-1730", "RH:CVE-2020-1751", "RH:CVE-2020-1752", "RH:CVE-2020-1971", "RH:CVE-2020-24659", "RH:CVE-2020-25681", "RH:CVE-2020-25682", "RH:CVE-2020-25683", "RH:CVE-2020-25684", "RH:CVE-2020-25685", "RH:CVE-2020-25686", "RH:CVE-2020-25687", "RH:CVE-2020-25705", "RH:CVE-2020-26160", "RH:CVE-2020-27813", "RH:CVE-2020-28362", "RH:CVE-2020-29652", "RH:CVE-2020-29661", "RH:CVE-2020-3862", "RH:CVE-2020-3864", "RH:CVE-2020-3865", "RH:CVE-2020-3867", "RH:CVE-2020-3868", "RH:CVE-2020-3885", "RH:CVE-2020-3894", "RH:CVE-2020-3895", "RH:CVE-2020-3897", "RH:CVE-2020-3899", "RH:CVE-2020-3900", "RH:CVE-2020-3901", "RH:CVE-2020-3902", "RH:CVE-2020-6405", "RH:CVE-2020-6829", "RH:CVE-2020-7595", "RH:CVE-2020-8492", "RH:CVE-2020-8619", "RH:CVE-2020-8622", "RH:CVE-2020-8623", "RH:CVE-2020-8624", "RH:CVE-2020-9283", "RH:CVE-2020-9327", "RH:CVE-2020-9802", "RH:CVE-2020-9803", "RH:CVE-2020-9805", "RH:CVE-2020-9806", "RH:CVE-2020-9807", "RH:CVE-2020-9843", "RH:CVE-2020-9850", "RH:CVE-2020-9862", "RH:CVE-2020-9893", "RH:CVE-2020-9894", "RH:CVE-2020-9895", "RH:CVE-2020-9915", "RH:CVE-2020-9925", "RH:CVE-2021-20206", "RH:CVE-2021-20322", "RH:CVE-2021-3121", "RH:CVE-2021-3156"]}, {"type": "redos", "idList": ["ROS-20230619-05"]}, {"type": "rocky", "idList": ["RLSA-2020:1605", "RLSA-2020:3662", "RLSA-2020:4451", "RLSA-2020:4453", "RLSA-2020:4482", "RLSA-2020:4484", "RLSA-2020:4490", "RLSA-2020:4497", "RLSA-2020:4539", "RLSA-2020:4545", "RLSA-2020:4641", "RLSA-2020:4654", "RLSA-2020:4694", "RLSA-2020:4760", "RLSA-2020:4846", "RLSA-2020:4952", "RLSA-2021:0538", "RLSA-2021:1796", "RLSA-2021:1968"]}, {"type": "rosalinux", "idList": ["ROSA-SA-2021-1823", "ROSA-SA-2021-1835", "ROSA-SA-2021-1844", "ROSA-SA-2021-1847", "ROSA-SA-2021-1882", "ROSA-SA-2021-1891", "ROSA-SA-2021-1947", "ROSA-SA-2021-1957", "ROSA-SA-2021-1975", "ROSA-SA-2021-1985", "ROSA-SA-2023-2202", "ROSA-SA-2023-2203", "ROSA-SA-2023-2223"]}, {"type": "rubygems", "idList": ["RUBY:NOKOGIRI-2019-11068", "RUBY:NOKOGIRI-2019-13117", "RUBY:NOKOGIRI-2020-7595"]}, {"type": "slackware", "idList": ["SSA-2019-259-01", "SSA-2019-274-01", "SSA-2019-293-01", "SSA-2019-295-01", "SSA-2020-170-01", "SSA-2020-234-01", "SSA-2020-294-01", "SSA-2021-026-01", "SSA-2021-040-01", "SSA-2022-055-01"]}, {"type": "sqlite", "idList": ["SQLT:CVE-2019-20218", "SQLT:CVE-2020-13630", "SQLT:CVE-2020-13631", "SQLT:CVE-2020-13632", "SQLT:CVE-2020-6405", "SQLT:CVE-2020-9327"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1428-1", "OPENSUSE-SU-2019:1430-1", "OPENSUSE-SU-2019:1433-1", "OPENSUSE-SU-2019:1527-1", "OPENSUSE-SU-2019:1777-1", "OPENSUSE-SU-2019:1824-1", "OPENSUSE-SU-2019:1917-1", "OPENSUSE-SU-2019:2161-1", "OPENSUSE-SU-2019:2204-1", "OPENSUSE-SU-2019:2205-1", "OPENSUSE-SU-2019:2298-1", "OPENSUSE-SU-2019:2300-1", "OPENSUSE-SU-2019:2343-1", "OPENSUSE-SU-2019:2344-1", "OPENSUSE-SU-2019:2345-1", "OPENSUSE-SU-2019:2348-1", "OPENSUSE-SU-2019:2389-1", "OPENSUSE-SU-2019:2393-1", "OPENSUSE-SU-2019:2420-1", "OPENSUSE-SU-2019:2424-1", "OPENSUSE-SU-2019:2425-1", "OPENSUSE-SU-2019:2438-1", "OPENSUSE-SU-2019:2447-1", "OPENSUSE-SU-2019:2451-1", "OPENSUSE-SU-2019:2452-1", "OPENSUSE-SU-2019:2453-1", "OPENSUSE-SU-2019:2459-1", "OPENSUSE-SU-2019:2464-1", "OPENSUSE-SU-2019:2587-1", "OPENSUSE-SU-2019:2591-1", "OPENSUSE-SU-2019:2689-1", "OPENSUSE-SU-2020:0010-1", "OPENSUSE-SU-2020:0022-1", "OPENSUSE-SU-2020:0086-1", "OPENSUSE-SU-2020:0102-1", "OPENSUSE-SU-2020:0189-1", "OPENSUSE-SU-2020:0210-1", "OPENSUSE-SU-2020:0233-1", "OPENSUSE-SU-2020:0274-1", "OPENSUSE-SU-2020:0278-1", "OPENSUSE-SU-2020:0314-1", "OPENSUSE-SU-2020:0381-1", "OPENSUSE-SU-2020:0467-1", "OPENSUSE-SU-2020:0510-1", "OPENSUSE-SU-2020:0602-1", "OPENSUSE-SU-2020:0622-1", "OPENSUSE-SU-2020:0646-1", "OPENSUSE-SU-2020:0681-1", "OPENSUSE-SU-2020:0731-1", "OPENSUSE-SU-2020:0781-1", "OPENSUSE-SU-2020:0794-1", "OPENSUSE-SU-2020:0931-1", "OPENSUSE-SU-2020:0940-1", "OPENSUSE-SU-2020:0989-1", "OPENSUSE-SU-2020:1002-1", "OPENSUSE-SU-2020:1064-1", "OPENSUSE-SU-2020:1087-1", "OPENSUSE-SU-2020:1088-1", "OPENSUSE-SU-2020:1095-1", "OPENSUSE-SU-2020:1128-1", "OPENSUSE-SU-2020:1178-1", "OPENSUSE-SU-2020:1194-1", "OPENSUSE-SU-2020:1254-1", "OPENSUSE-SU-2020:1256-1", "OPENSUSE-SU-2020:1257-1", "OPENSUSE-SU-2020:1258-1", "OPENSUSE-SU-2020:1265-1", "OPENSUSE-SU-2020:1275-1", "OPENSUSE-SU-2020:1405-1", "OPENSUSE-SU-2020:1407-1", "OPENSUSE-SU-2020:1598-1", "OPENSUSE-SU-2020:1613-1", "OPENSUSE-SU-2020:1699-1", "OPENSUSE-SU-2020:1701-1", "OPENSUSE-SU-2020:1718-1", "OPENSUSE-SU-2020:1724-1", "OPENSUSE-SU-2020:1731-1", "OPENSUSE-SU-2020:1734-1", "OPENSUSE-SU-2020:1737-1", "OPENSUSE-SU-2020:1743-1", "OPENSUSE-SU-2020:1744-1", "OPENSUSE-SU-2020:1790-1", "OPENSUSE-SU-2020:1804-1", "OPENSUSE-SU-2020:1829-1", "OPENSUSE-SU-2020:1906-1", "OPENSUSE-SU-2020:1952-1", "OPENSUSE-SU-2020:1960-1", "OPENSUSE-SU-2020:1962-1", "OPENSUSE-SU-2020:2020-1", "OPENSUSE-SU-2020:2031-1", "OPENSUSE-SU-2020:2034-1", "OPENSUSE-SU-2020:2047-1", "OPENSUSE-SU-2020:2067-1", "OPENSUSE-SU-2020:2096-1", "OPENSUSE-SU-2020:2112-1", "OPENSUSE-SU-2020:2139-1", "OPENSUSE-SU-2020:2143-1", "OPENSUSE-SU-2020:2152-1", "OPENSUSE-SU-2020:2161-1", "OPENSUSE-SU-2020:2169-1", "OPENSUSE-SU-2020:2184-1", "OPENSUSE-SU-2020:2185-1", "OPENSUSE-SU-2020:2187-1", "OPENSUSE-SU-2020:2189-1", "OPENSUSE-SU-2020:2190-1", "OPENSUSE-SU-2020:2211-1", "OPENSUSE-SU-2020:2223-1", "OPENSUSE-SU-2020:2236-1", "OPENSUSE-SU-2020:2245-1", "OPENSUSE-SU-2020:2260-1", "OPENSUSE-SU-2020:2269-1", "OPENSUSE-SU-2020:2315-1", "OPENSUSE-SU-2020:2332-1", "OPENSUSE-SU-2020:2333-1", "OPENSUSE-SU-2021:0060-1", "OPENSUSE-SU-2021:0064-1", "OPENSUSE-SU-2021:0065-1", "OPENSUSE-SU-2021:0075-1", "OPENSUSE-SU-2021:0082-1", "OPENSUSE-SU-2021:0124-1", "OPENSUSE-SU-2021:0129-1", "OPENSUSE-SU-2021:0169-1", "OPENSUSE-SU-2021:0170-1", "OPENSUSE-SU-2021:0242-1", "OPENSUSE-SU-2021:0270-1", "OPENSUSE-SU-2021:0331-1", "OPENSUSE-SU-2021:0602-1", "OPENSUSE-SU-2021:1058-1", "OPENSUSE-SU-2021:1134-1", "OPENSUSE-SU-2021:2320-1", "OPENSUSE-SU-2022:0182-1", "OPENSUSE-SU-2022:0182-2", "OPENSUSE-SU-2022:0770-1", "OPENSUSE-SU-2022:2649-1", "SUSE-SU-2022:1454-1", "SUSE-SU-2022:2649-1", "SUSE-SU-2022:3655-1", "SUSE-SU-2022:3766-1"]}, {"type": "symantec", "idList": ["SMNTC-110157", "SMNTC-110222", "SMNTC-110393", "SMNTC-110454", "SMNTC-110587", "SMNTC-111158", "SMNTC-111164", "SMNTC-111352", "SMNTC-111496", "SMNTC-17570"]}, {"type": "talos", "idList": ["TALOS-2019-0777", "TALOS-2019-0943", "TALOS-2019-0967"]}, {"type": "talosblog", "idList": ["TALOSBLOG:05E3F5C3268BCA0F23A702005ACD5EDB", "TALOSBLOG:22D0EBF21CDAA0E29A36871E0EFDE522", "TALOSBLOG:4F2418AF5C1720A82D8F44CFDADB99B9"]}, {"type": "tenable", "idList": ["TENABLE:F29BAD72446123F9BCC7E3C50234FFF8"]}, {"type": "thn", "idList": ["THN:1CAE17F613AA7CBF6F4E99804811C608", "THN:1D059A29F13AF81A28C2D2770E5CD2E6", "THN:2C912D2A2005BA770BBD4A4975BD3518", "THN:5CFE6070F72F17DAC9AFD3A651C741D8", "THN:7AD5261E90CC5E52D9933B8F13139A3E", "THN:89153A67BADBEDB4D309DCACBFF2EA7F", "THN:955CBC4C8C3F414A1ED3D5F7CAA08A9F", "THN:994DFD41D5FF7D063D381DD88D9C2C34", "THN:AF0CBD71A7E1DCE8E508D374E0760687", "THN:BCD236457064C9D8673B1536BE370718", "THN:DAE548E4C591A2718BC3A3D2C9440FB1"]}, {"type": "threatpost", "idList": ["THREATPOST:2334EE5F6C03FC3ECE377B9BD44BA4E7", "THREATPOST:27232AA8871910ACCF00E8FC6A9EDEA9", "THREATPOST:3A6A7F7256BF05AA048512CF2D064F7F", "THREATPOST:3F81254E133ABD9AE724F95349C0040A", "THREATPOST:6F7E512F15913694CF17A906715FE678", "THREATPOST:7EE6BCA3A1DEFF8B86DA40BBBB994643", "THREATPOST:8B647363122969148DB6173D5DA44833", "THREATPOST:ABBA6B89522F29EE1F01F3D010F46FC0", "THREATPOST:B94C72282597270B568FB72191A99385", "THREATPOST:C408DF21547B7B4327FBAB82B97A4C96", "THREATPOST:D2398CA9B354449C8FCA1436DF9E5877", "THREATPOST:D48D061BB27415A9A171838BA457EB0E", "THREATPOST:DF87733B74489628AB9F2C89704380A9", "THREATPOST:F770D8B67D6B82405D9E85998887BDF3"]}, {"type": "ubuntu", "idList": ["LSN-0082-1", "USN-3947-1", "USN-3947-2", "USN-4040-1", "USN-4040-2", "USN-4132-1", "USN-4132-2", "USN-4151-1", "USN-4151-2", "USN-4164-1", "USN-4165-1", "USN-4178-1", "USN-4181-1", "USN-4202-1", "USN-4202-2", "USN-4205-1", "USN-4219-1", "USN-4221-1", "USN-4221-2", "USN-4236-1", "USN-4236-2", "USN-4236-3", "USN-4252-1", "USN-4252-2", "USN-4256-1", "USN-4261-1", "USN-4274-1", "USN-4281-1", "USN-4293-1", "USN-4298-1", "USN-4310-1", "USN-4327-1", "USN-4331-1", "USN-4333-1", "USN-4333-2", "USN-4335-1", "USN-4336-1", "USN-4336-2", "USN-4347-1", "USN-4349-1", "USN-4394-1", "USN-4399-1", "USN-4416-1", "USN-4422-1", "USN-4428-1", "USN-4444-1", "USN-4455-1", "USN-4468-1", "USN-4468-2", "USN-4474-1", "USN-4474-2", "USN-4476-1", "USN-4491-1", "USN-4493-1", "USN-4582-1", "USN-4593-1", "USN-4593-2", "USN-4601-1", "USN-4657-1", "USN-4658-1", "USN-4658-2", "USN-4659-1", "USN-4659-2", "USN-4660-1", "USN-4660-2", "USN-4662-1", "USN-4680-1", "USN-4698-1", "USN-4698-2", "USN-4705-1", "USN-4705-2", "USN-4745-1", "USN-4748-1", "USN-4749-1", "USN-4750-1", "USN-4751-1", "USN-4752-1", "USN-4754-3", "USN-4852-1", "USN-4912-1", "USN-4991-1", "USN-5130-1", "USN-5147-1", "USN-5200-1", "USN-5431-1", "USN-5455-1", "USN-5715-1", "USN-5725-1", "USN-5725-2", "USN-5873-1", "USN-6208-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-10103", "UB:CVE-2018-10105", "UB:CVE-2018-14461", "UB:CVE-2018-14462", "UB:CVE-2018-14463", "UB:CVE-2018-14464", "UB:CVE-2018-14465", "UB:CVE-2018-14466", "UB:CVE-2018-14467", "UB:CVE-2018-14468", "UB:CVE-2018-14469", "UB:CVE-2018-14470", "UB:CVE-2018-14879", "UB:CVE-2018-14880", "UB:CVE-2018-14881", "UB:CVE-2018-14882", "UB:CVE-2018-16227", "UB:CVE-2018-16228", "UB:CVE-2018-16229", "UB:CVE-2018-16230", "UB:CVE-2018-16300", "UB:CVE-2018-16451", "UB:CVE-2018-16452", "UB:CVE-2018-20843", "UB:CVE-2019-11068", "UB:CVE-2019-13050", "UB:CVE-2019-13627", "UB:CVE-2019-14559", "UB:CVE-2019-14889", "UB:CVE-2019-15165", "UB:CVE-2019-15166", "UB:CVE-2019-15167", "UB:CVE-2019-15903", "UB:CVE-2019-16168", "UB:CVE-2019-16935", "UB:CVE-2019-17450", "UB:CVE-2019-18197", "UB:CVE-2019-19221", "UB:CVE-2019-19906", "UB:CVE-2019-19956", "UB:CVE-2019-20218", "UB:CVE-2019-20387", "UB:CVE-2019-20388", "UB:CVE-2019-20454", "UB:CVE-2019-20807", "UB:CVE-2019-20838", "UB:CVE-2019-20907", "UB:CVE-2019-20916", "UB:CVE-2019-5018", "UB:CVE-2019-8625", "UB:CVE-2019-8710", "UB:CVE-2019-8720", "UB:CVE-2019-8743", "UB:CVE-2019-8764", "UB:CVE-2019-8766", "UB:CVE-2019-8769", "UB:CVE-2019-8771", "UB:CVE-2019-8782", "UB:CVE-2019-8783", "UB:CVE-2019-8808", "UB:CVE-2019-8811", "UB:CVE-2019-8812", "UB:CVE-2019-8813", "UB:CVE-2019-8814", "UB:CVE-2019-8815", "UB:CVE-2019-8816", "UB:CVE-2019-8819", "UB:CVE-2019-8820", "UB:CVE-2019-8823", "UB:CVE-2019-8835", "UB:CVE-2019-8844", "UB:CVE-2019-8846", "UB:CVE-2020-10018", "UB:CVE-2020-10029", "UB:CVE-2020-11793", "UB:CVE-2020-12400", "UB:CVE-2020-12403", "UB:CVE-2020-13630", "UB:CVE-2020-13631", "UB:CVE-2020-13632", "UB:CVE-2020-14040", "UB:CVE-2020-14351", "UB:CVE-2020-14382", "UB:CVE-2020-14391", "UB:CVE-2020-14422", "UB:CVE-2020-15503", "UB:CVE-2020-15586", "UB:CVE-2020-15999", "UB:CVE-2020-16845", "UB:CVE-2020-1730", "UB:CVE-2020-1751", "UB:CVE-2020-1752", "UB:CVE-2020-1971", "UB:CVE-2020-24659", "UB:CVE-2020-25681", "UB:CVE-2020-25682", "UB:CVE-2020-25683", "UB:CVE-2020-25684", "UB:CVE-2020-25685", "UB:CVE-2020-25686", "UB:CVE-2020-25687", "UB:CVE-2020-25705", "UB:CVE-2020-26160", "UB:CVE-2020-27813", "UB:CVE-2020-28362", "UB:CVE-2020-29652", "UB:CVE-2020-29661", "UB:CVE-2020-3862", "UB:CVE-2020-3864", "UB:CVE-2020-3865", "UB:CVE-2020-3867", "UB:CVE-2020-3868", "UB:CVE-2020-3885", "UB:CVE-2020-3894", "UB:CVE-2020-3895", "UB:CVE-2020-3897", "UB:CVE-2020-3899", "UB:CVE-2020-3900", "UB:CVE-2020-3901", "UB:CVE-2020-3902", "UB:CVE-2020-6405", "UB:CVE-2020-6829", "UB:CVE-2020-7595", "UB:CVE-2020-8492", "UB:CVE-2020-8619", "UB:CVE-2020-8622", "UB:CVE-2020-8623", "UB:CVE-2020-8624", "UB:CVE-2020-9283", "UB:CVE-2020-9327", "UB:CVE-2020-9802", "UB:CVE-2020-9803", "UB:CVE-2020-9805", "UB:CVE-2020-9806", "UB:CVE-2020-9807", "UB:CVE-2020-9843", "UB:CVE-2020-9850", "UB:CVE-2020-9862", "UB:CVE-2020-9893", "UB:CVE-2020-9894", "UB:CVE-2020-9895", "UB:CVE-2020-9915", "UB:CVE-2020-9925", "UB:CVE-2021-20206", "UB:CVE-2021-29482", "UB:CVE-2021-3121", "UB:CVE-2021-3156"]}, {"type": "veracode", "idList": ["VERACODE:13669", "VERACODE:20266", "VERACODE:20528", "VERACODE:20639", "VERACODE:21433", "VERACODE:21438", "VERACODE:21465", "VERACODE:21636", "VERACODE:21763", "VERACODE:22010", "VERACODE:22153", "VERACODE:22327", "VERACODE:22335", "VERACODE:22336", "VERACODE:22337", "VERACODE:22548", "VERACODE:25287", "VERACODE:25694", "VERACODE:25907", "VERACODE:26054", "VERACODE:26056", "VERACODE:26057", "VERACODE:26058", "VERACODE:26059", "VERACODE:26068", "VERACODE:26069", "VERACODE:26086", "VERACODE:26087", "VERACODE:26090", "VERACODE:26092", "VERACODE:26093", "VERACODE:26096", "VERACODE:26097", "VERACODE:26100", "VERACODE:26101", "VERACODE:26102", "VERACODE:26103", "VERACODE:26107", "VERACODE:26114", "VERACODE:26115", "VERACODE:26117", "VERACODE:26140", "VERACODE:26143", "VERACODE:26164", "VERACODE:26165", "VERACODE:26191", "VERACODE:26192", "VERACODE:26193", "VERACODE:26194", "VERACODE:26206", "VERACODE:26211", "VERACODE:26223", "VERACODE:26225", "VERACODE:26226", "VERACODE:26227", "VERACODE:26228", "VERACODE:26229", "VERACODE:26230", "VERACODE:26231", "VERACODE:26232", "VERACODE:26235", "VERACODE:26239", "VERACODE:26253", "VERACODE:26260", "VERACODE:26263", "VERACODE:26270", "VERACODE:26279", "VERACODE:26329", "VERACODE:26529", "VERACODE:26533", "VERACODE:26534", "VERACODE:26535", "VERACODE:26646", "VERACODE:27089", "VERACODE:27125", "VERACODE:27191", "VERACODE:27284", "VERACODE:27378", "VERACODE:27405", "VERACODE:27407", "VERACODE:27411", "VERACODE:27413", "VERACODE:27414", "VERACODE:27416", "VERACODE:27417", "VERACODE:27418", "VERACODE:27419", "VERACODE:27420", "VERACODE:27421", "VERACODE:27422", "VERACODE:27423", "VERACODE:27424", "VERACODE:27425", "VERACODE:27426", "VERACODE:27427", "VERACODE:27428", "VERACODE:27431", "VERACODE:27432", "VERACODE:27433", "VERACODE:27434", "VERACODE:27437", "VERACODE:27439", "VERACODE:27440", "VERACODE:27441", "VERACODE:27442", "VERACODE:27443", "VERACODE:27444", "VERACODE:27445", "VERACODE:27446", "VERACODE:27447", "VERACODE:27448", "VERACODE:27449", "VERACODE:27450", "VERACODE:27601", "VERACODE:27664", "VERACODE:27786", "VERACODE:27787", "VERACODE:27788", "VERACODE:27789", "VERACODE:27790", "VERACODE:27797", "VERACODE:27798", "VERACODE:27800", "VERACODE:27801", "VERACODE:27808", "VERACODE:27809", "VERACODE:27819", "VERACODE:27820", "VERACODE:27998", "VERACODE:28077", "VERACODE:28090", "VERACODE:28524", "VERACODE:28618", "VERACODE:28638", "VERACODE:28650", "VERACODE:28968", "VERACODE:29040", "VERACODE:29041", "VERACODE:29042", "VERACODE:29043", "VERACODE:29044", "VERACODE:29045", "VERACODE:29046", "VERACODE:29144", "VERACODE:29294", "VERACODE:29416"]}, {"type": "virtuozzo", "idList": ["VZA-2021-004", "VZA-2021-005", "VZA-2021-006", "VZA-2021-008", "VZA-2021-040"]}, {"type": "zdi", "idList": ["ZDI-19-1026", "ZDI-20-1372", "ZDI-20-144", "ZDI-20-341", "ZDI-20-672", "ZDI-20-907", "ZDI-20-909"]}, {"type": "zdt", "idList": ["1337DAY-ID-33452", "1337DAY-ID-34008", "1337DAY-ID-34305", "1337DAY-ID-34510", "1337DAY-ID-34995", "1337DAY-ID-35569", "1337DAY-ID-35741", "1337DAY-ID-35772", "1337DAY-ID-35779", "1337DAY-ID-35785"]}]}, "score": {"value": 8.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["BIND_ADVISORY18.ASC", "OPENSSL_ADVISORY32.ASC", "TCPDUMP_ADVISORY5.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:4443", "ALSA-2020:4451", "ALSA-2020:4539", "ALSA-2020:4547", "ALSA-2020:4846", "ALSA-2021:0558"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-8619", "ALPINE:CVE-2020-8622", "ALPINE:CVE-2020-8623", "ALPINE:CVE-2020-8624"]}, {"type": "amazon", "idList": ["ALAS-2019-1241", "ALAS-2020-1417", "ALAS-2020-1427", "ALAS-2020-1428", "ALAS-2020-1429", "ALAS-2020-1456", "ALAS-2020-1457", "ALAS-2020-1460", "ALAS-2020-1462", "ALAS-2020-1464", "ALAS-2020-1468", "ALAS-2020-1471", "ALAS-2021-1457", "ALAS-2021-1459", "ALAS-2021-1461", "ALAS-2021-1463", "ALAS-2021-1471", "ALAS-2021-1474", "ALAS-2021-1477", "ALAS-2021-1478", "ALAS2-2019-1376", "ALAS2-2020-1387", "ALAS2-2020-1432", "ALAS2-2020-1471", "ALAS2-2020-1479", "ALAS2-2020-1483", "ALAS2-2020-1484", "ALAS2-2020-1494", "ALAS2-2020-1510", "ALAS2-2020-1513", "ALAS2-2020-1534", "ALAS2-2020-1535", "ALAS2-2020-1559", "ALAS2-2020-1563", "ALAS2-2020-1564", "ALAS2-2020-1565", "ALAS2-2020-1566", "ALAS2-2020-1573", "ALAS2-2021-1578", "ALAS2-2021-1587", "ALAS2-2021-1588", "ALAS2-2021-1590", "ALAS2-2021-1639"]}, {"type": "androidsecurity", "idList": ["ANDROID:2020-04-01", "ANDROID:2021-01-01", "ANDROID:2021-04-01", "ANDROID:2021-05-01"]}, {"type": "apple", "idList": ["APPLE:0458C0EDF2FE61DE5E3752F33DA333D7", "APPLE:07C404431E4E9AA795FF43515E579852", "APPLE:0CE264553CBE730E0D2CF16017A5B273", "APPLE:18DA9C53BF9A01E449E85E3E61CCDEC0", "APPLE:22E5661C993E7A1F50344055EDC625BA", "APPLE:23F4B15F98B9E907DBA0469D5F0BC654", "APPLE:24F0CE6C0A090A12BFC0624F060D429D", "APPLE:2BE63E6C0ABEE62B27017A6E38BA31E8", "APPLE:2C63B730F1D775BC1F496033AB4C1E50", "APPLE:39DFCF58466CAAB3F50DE93E2A885C72", "APPLE:3D7765FAAA5588336144E1B60D0B775E", "APPLE:47A6F4E1660238E39625B31A34F6CDF1", "APPLE:4F5D2C20724C56D494032826B570F894", "APPLE:51FF6F769BC40CE415F07D8346C6A88D", "APPLE:53B6452EB8CCAAEE3940A468CD7301EF", "APPLE:5A8CFDD70DD53A4CB492643428B2B78C", "APPLE:60BF7F72692F6CFF341525F7AC92F5EC", "APPLE:7033CCA4E259F96F17D1D049B6D11BE0", "APPLE:7B414D7D6363796AB8F0EB89C5EEC383", "APPLE:82B6E79FBF3E204AFF11B0D8FA1D8701", "APPLE:8962973934F6CCC5756D8D4DB8D1F37F", "APPLE:8C1FE42B64A09C7B23ECEB4773F3CF3C", "APPLE:8EE1AE6C5FCC43369EAB8454FB35ED71", "APPLE:914AF8F52D4AB5DC92631271089CEE87", "APPLE:9AAA600C4496E1F352EC9F07A8BDC39B", "APPLE:A1A8D52172AE1DABB07F3860D96264D1", "APPLE:A795FDEEEAA9C6C9B86551E188F8FA02", "APPLE:AA327FA1C4CF3105C8CBED9D78735E12", "APPLE:AA7D20441BD99D01D8BEDE3B9762EB04", "APPLE:B079F933FC53AA9BD392638EBBEA2490", "APPLE:B52E92BE35619FA480B979F2662F87F8", "APPLE:B7C1A6678C1DA6625F5D2C92817D61DA", "APPLE:B891E6B961A423A3FA7E0836C2B1370D", "APPLE:BEA171F52CE1A41E31B39FE9FEF8FF60", "APPLE:BF1622028DAB7FB7B0D91852357DB961", "APPLE:CB6B9C8601808E98E91120E4D36A36F1", "APPLE:CC90AF91854DC3DAAF69A4D6FA63346F", "APPLE:CF9C08BD8DDC6A4A1E0D3912347422D3", "APPLE:D725BA42FF7DF9373C130EE10E8F427D", "APPLE:E7AB28D63A34D7E0CE963F4835068B5C", "APPLE:ED19354ED13D765201D7E383EBAA2805", "APPLE:F0DD36964D42DC3E67689751DBBFF908", "APPLE:F7CA1A5840C15D3C9444B9C7F4FBA655", "APPLE:F8724C8799ED31E68E5E9D403280DAB8", "APPLE:HT210603", "APPLE:HT210604", "APPLE:HT210605", "APPLE:HT210606", "APPLE:HT210607", "APPLE:HT210608", "APPLE:HT210634", "APPLE:HT210635", "APPLE:HT210636", "APPLE:HT210637", "APPLE:HT210721", "APPLE:HT210723", "APPLE:HT210724", "APPLE:HT210725", "APPLE:HT210726", "APPLE:HT210727", "APPLE:HT210728", "APPLE:HT210785", "APPLE:HT210789", "APPLE:HT210790", "APPLE:HT210792", "APPLE:HT210793", "APPLE:HT210794", "APPLE:HT210795", "APPLE:HT210918", "APPLE:HT210920", "APPLE:HT210922", "APPLE:HT210923", "APPLE:HT210947", "APPLE:HT210948", "APPLE:HT211100", "APPLE:HT211101", "APPLE:HT211102", "APPLE:HT211103", "APPLE:HT211104", "APPLE:HT211105", "APPLE:HT211106", "APPLE:HT211107", "APPLE:HT211843", "APPLE:HT211844", "APPLE:HT211850", "APPLE:HT211931", "APPLE:HT211935", "APPLE:HT211952", "APPLE:HT212177"]}, {"type": "archlinux", "idList": ["ASA-201910-15", "ASA-201910-16", "ASA-201910-17", "ASA-202002-10", "ASA-202002-3", "ASA-202002-7", "ASA-202003-4", "ASA-202003-9", "ASA-202004-11", "ASA-202004-17", "ASA-202004-23", "ASA-202006-13", "ASA-202007-1", "ASA-202011-12", "ASA-202011-15", "ASA-202011-16", "ASA-202012-24", "ASA-202101-25", "ASA-202101-38"]}, {"type": "attackerkb", "idList": ["AKB:67AA97AC-E920-4D0C-9B50-6B1C42E683D1", "AKB:B72B19ED-8E0B-4C11-9C2D-95A25BCC42A6", "AKB:BC51026B-2BE3-44B4-BB8E-2FEAC9CE2DE6", "AKB:C6F99915-AA1F-419E-A866-FCD1140D6667"]}, {"type": "avleonov", "idList": ["AVLEONOV:8378A14587C08A1636BEE66608020687"]}, {"type": "centos", "idList": ["CESA-2019:3193", "CESA-2019:3210", "CESA-2020:5009", "CESA-2020:5010", "CESA-2020:5011", "CESA-2020:5566", "CESA-2021:0153", "CESA-2021:0221", "CESA-2021:0339", "CESA-2021:0348", "CESA-2021:0856"]}, {"type": "cert", "idList": ["VU:434904", "VU:794544"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-1032", "CPAI-2020-1069", "CPAI-2020-3251", "CPAI-2020-3252"]}, {"type": "checkpoint_security", "idList": ["CPS:SK171751"]}, {"type": "chrome", "idList": ["GCSA-164021554802225166", "GCSA-7216160875710850344", "GCSA-8579594118646068818"]}, {"type": "cisa", "idList": ["CISA:6AB408E664DEC2691E5D7872C63AFD97", "CISA:765265E5BF9328E9BAF09F93A1684580", "CISA:EB64BAE1A85869BDC145CE238F167D6F"]}, {"type": "cisco", "idList": ["CISCO-SA-DNSMASQ-DNS-2021-C5MRDF3G", "CISCO-SA-SUDO-PRIVESC-JAN2021-QNYQFCM"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:136BE5151C3129DFE4B735524824187D", "CFOUNDRY:13BA697370B05DA79A1C88E29233A25D", "CFOUNDRY:322886B40F0FE55C516FF12037103125", "CFOUNDRY:372C89C2034124B41C6B1DC1B76A49D9", "CFOUNDRY:3B00E04C67EFB83F5D044A76DD92B52C", "CFOUNDRY:4C29708E9DB1757C4BE1AE571C33062C", "CFOUNDRY:4CA229089D29B1A5C8F47ED6A12CAC1D", "CFOUNDRY:6842286EED83D27526CFF6743C20F98E", "CFOUNDRY:7B62E6C6256F00DF44936E8DDF0C57DB", "CFOUNDRY:7B92D9A04EEAF76D3D43537BB07E46FA", "CFOUNDRY:7CFA05FF63DADFE32E3B6B3CFD30F896", "CFOUNDRY:853E5589D5EE11B72526D65C16FA38B8", "CFOUNDRY:8CFF4A0AF748B0C857C01324EB35B6D4", "CFOUNDRY:BCFE0333C3F2E89FFDF11615D117C9AF", "CFOUNDRY:BEC31F74593CCC62B726A27E114C47CC", "CFOUNDRY:D18C016FED8F2EC566E781EC4B141FB0", "CFOUNDRY:E28868CF5495F6C7D71AC5B00564832A", "CFOUNDRY:E2EC45D69AA3550DE981BAC4E63015D3", "CFOUNDRY:E9CE0268DAFD76AE052E27B69A06ACBD"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1608724134", "CLSA-2021:1611743864", "CLSA-2021:1632261812", "CLSA-2021:1632261839", "CLSA-2021:1632401716"]}, {"type": "cve", "idList": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-20843", "CVE-2019-11068", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14559", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-18197", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-5018", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-12321", "CVE-2020-12403", "CVE-2020-14351", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687", "CVE-2020-25705", "CVE-2020-27813", "CVE-2020-28362", "CVE-2020-29652", "CVE-2020-29661", "CVE-2020-3862", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-7595", "CVE-2020-9283", "CVE-2020-9327", "CVE-2021-3121", "CVE-2021-3156"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1756-1:F195F", "DEBIAN:DLA-1839-1:728E0", "DEBIAN:DLA-1912-1:CAAA9", "DEBIAN:DLA-1931-1:24E75", "DEBIAN:DLA-1931-2:63774", "DEBIAN:DLA-1955-1:22EE5", "DEBIAN:DLA-1967-1:CFF0B", "DEBIAN:DLA-1973-1:95F3B", "DEBIAN:DLA-2038-1:FD678", "DEBIAN:DLA-2044-1:26388", "DEBIAN:DLA-2048-1:4A4BD", "DEBIAN:DLA-2340-2:984C0", "DEBIAN:DLA-2415-1:46C29", "DEBIAN:DLA-2453-1:06602", "DEBIAN:DLA-2455-1:AB97D", "DEBIAN:DLA-2456-1:D70B3", "DEBIAN:DLA-2459-1:C9586", "DEBIAN:DLA-2460-1:279E8", "DEBIAN:DLA-2483-1:37DA1", "DEBIAN:DLA-2492-1:77952", "DEBIAN:DLA-2493-1:D2596", "DEBIAN:DLA-2494-1:12C95", "DEBIAN:DLA-2520-1:EDD6A", "DEBIAN:DLA-2534-1:AA5E2", "DEBIAN:DLA-2557-1:3E233", "DEBIAN:DLA-2586-1:6B2FD", "DEBIAN:DLA-2604-1:9EC79", "DEBIAN:DLA-2628-1:6F808", "DEBIAN:DLA-2645-1:92A7D", "DEBIAN:DSA-4472-1:97343", "DEBIAN:DSA-4530-1:939B7", "DEBIAN:DSA-4547-1:D6E02", "DEBIAN:DSA-4549-1:796DA", "DEBIAN:DSA-4558-1:35EA3", "DEBIAN:DSA-4591-1:7B449", "DEBIAN:DSA-4627-1:5CD4F", "DEBIAN:DSA-4638-1:8959D", "DEBIAN:DSA-4641-1:E25EB", "DEBIAN:DSA-4681-1:8167F", "DEBIAN:DSA-4807-1:B0537", "DEBIAN:DSA-4824-1:11EBB", "DEBIAN:DSA-4839-1:0839A", "DEBIAN:DSA-4843-1:3B37B", "DEBIAN:DSA-4844-1:99BC8", "DEBIAN:DSA-4848-1:D81AC"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2019-15903", "DEBIANCVE:CVE-2019-17450", "DEBIANCVE:CVE-2020-15999", "DEBIANCVE:CVE-2020-6405", "DEBIANCVE:CVE-2020-8619", "DEBIANCVE:CVE-2020-8622", "DEBIANCVE:CVE-2020-8623", "DEBIANCVE:CVE-2020-8624"]}, {"type": "exploitdb", "idList": ["EDB-ID:48121", "EDB-ID:49521", "EDB-ID:49522"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:BBAC75CC4F436EA7C87BF4A93573E140"]}, {"type": "f5", "idList": ["F5:K04367730", "F5:K08654551", "F5:K51011533", "F5:K56551263"]}, {"type": "fedora", "idList": ["FEDORA:0051430CF91F", "FEDORA:0106530962AB", "FEDORA:04BF76309A15", "FEDORA:0560630A704A", "FEDORA:067D430C2F61", "FEDORA:071096091F43", "FEDORA:08D23310004F", "FEDORA:0E74260EE4AA", "FEDORA:11D3430E663D", "FEDORA:1523A318B2F7", "FEDORA:18A3D610D7C4", "FEDORA:1A40F309F48E", "FEDORA:1B1A130A014E", "FEDORA:1D191309D1B6", "FEDORA:1D47E30F4D4F", "FEDORA:1EA356092706", "FEDORA:1F1BC30987DA", "FEDORA:1F4D830C7DBF", "FEDORA:248856062BF1", "FEDORA:24BBA6076F61", "FEDORA:2630830CCAB9", "FEDORA:282FE606E7CA", "FEDORA:2872130E6E99", "FEDORA:28FE430CB116", "FEDORA:2ACD760900BF", "FEDORA:2AEEA32A9DD3", "FEDORA:2D179607011A", "FEDORA:2F13930DEAB1", "FEDORA:2FCD530B2656", "FEDORA:2FCE26076F64", "FEDORA:30E0D6049C87", "FEDORA:32F3D30A68A9", "FEDORA:3307C348B749", "FEDORA:3382160A4425", "FEDORA:33FC666A1E20", "FEDORA:345C8607A30C", "FEDORA:353D73154ABE", "FEDORA:384B96390985", "FEDORA:4044C30CB118", "FEDORA:43A58309CB98", "FEDORA:44F56325DDAB", "FEDORA:45F45348B754", "FEDORA:4A9773111B22", "FEDORA:4E88960D8FBA", "FEDORA:5278930BDD92", "FEDORA:5361730BB4C9", "FEDORA:53B8A30C6A0B", "FEDORA:55212604E121", "FEDORA:55FE8604DFF9", "FEDORA:565F36015190", "FEDORA:578F330CA03E", "FEDORA:59DD6604B000", "FEDORA:5A09262C7A37", "FEDORA:5AB7E30E25EB", "FEDORA:5BBC634DAC43", "FEDORA:5E9E662BAB1F", "FEDORA:60E3A30D1484", "FEDORA:61CEB60525CF", "FEDORA:620E260877C1", "FEDORA:62D1A60D12B5", "FEDORA:6395E630FBA4", "FEDORA:6492C3093DD7", "FEDORA:6976D62A089B", "FEDORA:6C66A601463F", "FEDORA:6C76E608E1F6", "FEDORA:6F355304C5CD", "FEDORA:6F705313E07A", "FEDORA:706956148ECB", "FEDORA:707E930AB4A5", "FEDORA:73C1730C1E46", "FEDORA:7412960648DB", "FEDORA:79B8A317F545", "FEDORA:81544313EC94", "FEDORA:8171330C09FB", "FEDORA:824E230A6A04", "FEDORA:862A060321A8", "FEDORA:8B8553055E91", "FEDORA:8C9CB30BDABD", "FEDORA:8D0BB60525B8", "FEDORA:91EBC309F493", "FEDORA:951236162FD6", "FEDORA:9848360648DC", "FEDORA:9A814304CAC9", "FEDORA:9BD7D30CAEE8", "FEDORA:9F3DE30BA87C", "FEDORA:9F6FE6049CB5", "FEDORA:9F764605D68D", "FEDORA:A2CF8605771B", "FEDORA:A351F606CFD5", "FEDORA:A56F0309448D", "FEDORA:A7E596153F56", "FEDORA:A9E386095B4D", "FEDORA:AC9AB30BBFBA", "FEDORA:AE3D830AB4B2", "FEDORA:B050060758B6", "FEDORA:B10D0604B3B3", "FEDORA:B29916092532", "FEDORA:B36233175D48", "FEDORA:B940C60A8A0C", "FEDORA:BAFD56068146", "FEDORA:BB12030B266D", "FEDORA:BF65760525B8", "FEDORA:C00126087A1E", "FEDORA:C227A625C28A", "FEDORA:C381E30B2672", "FEDORA:C3C866194B96", "FEDORA:C3ED760C452F", "FEDORA:C43B930CE32E", "FEDORA:C6A45304CAF0", "FEDORA:C7F146099564", "FEDORA:C8A606087D99", "FEDORA:C9283634429D", "FEDORA:C9F1930D42C8", "FEDORA:CBE8E30B452C", "FEDORA:D29C830C2A6B", "FEDORA:D36A131B8B41", "FEDORA:D3B4860769F9", "FEDORA:DBC4662F3455", "FEDORA:DC4F334EB5A4", "FEDORA:DCC98600F6D1", "FEDORA:DD6063099060", "FEDORA:DE1F1304CAC9", "FEDORA:DE7A430C4609", "FEDORA:E071460876D1", "FEDORA:E3844606FD7F", "FEDORA:E4BA53093F7F", "FEDORA:E700F3072E21", "FEDORA:EA8ED3055F3B", "FEDORA:EC30530A4CD0", "FEDORA:EC73D30DA8F7", "FEDORA:F149334E497A"]}, {"type": "freebsd", "idList": ["08B553ED-537A-11EB-BE6E-0022489AD614", "1CB0AF4E-D641-4F99-9432-297A89447A97", "1D56CFC5-3970-11EB-929D-D4C9EF517024", "36B905AD-7FBB-11E9-8A5F-C85B76CE9B5A", "56BA4513-A1BE-11EB-9072-D4C9EF517024", "5B5CF6E5-5B51-11EB-95AC-7F9491278677", "92243B6A-5775-4AEA-8727-A938058DF5BA", "93167BEF-9752-11E9-B61C-B885849DED8E", "9B7491FB-F253-11E9-A50C-000C29C4DC65", "A27B0BB6-84FC-11EA-B5B4-641C67A117D8", "C9C6C2F8-CD54-11E9-AF89-080027EF1A23", "DB4B2F27-252A-11EB-865C-00155D646400", "DC8CFF4C-4063-11EA-8A94-3497F6939FDD", "E8483115-8B8E-11EA-BDCF-001B217B3468", "EFD03116-C2A9-11EA-82BC-B42E99A1B9C3", "F3CF4B33-6013-11EB-9A0E-206A8A720317", "F5ABAFC0-FCF6-11EA-8758-E0D55E2A8BF9"]}, {"type": "gentoo", "idList": ["GLSA-201908-09", "GLSA-202003-16", "GLSA-202003-22", "GLSA-202003-27", "GLSA-202003-32", "GLSA-202005-09", "GLSA-202011-12", "GLSA-202012-04", "GLSA-202012-13", "GLSA-202101-17", "GLSA-202101-20", "GLSA-202101-33"]}, {"type": "github", "idList": ["GHSA-3XH2-74W9-5VXM", "GHSA-5RCV-M4M3-HFH7", "GHSA-7553-JR98-VX47", "GHSA-FFHG-7MH4-33C4", "GHSA-W73W-5M7G-F7QC"]}, {"type": "githubexploit", "idList": ["29E9BCA7-54F3-559F-8592-052F7EC902DA", "4885CEF9-D05F-5F90-87FD-2C29C6ADAC5D", "5ACF6B43-1E0E-55AE-A3C6-2FFCB8E95A05", "6E74F3AA-DE31-51CF-AFCB-E689CEE7AC4A", "860137A6-8A6A-5B9E-8DA2-9D56B4F7F3BB", "C3C9928F-AC84-5B3E-980E-F594CABE8EA3", "CBF3EF2D-3A5B-5110-A374-4A5ADE9AC91A"]}, {"type": "googleprojectzero", "idList": ["GOOGLEPROJECTZERO:37BA7BA880E3167EF2FF653967274013", "GOOGLEPROJECTZERO:7659E73B419D190E6DA39B1523454604", "GOOGLEPROJECTZERO:82BC34EA810EB3C377CA67B9E6698CC2", "GOOGLEPROJECTZERO:91800FF4B3B97E581EBEE3342DED86A5"]}, {"type": "hackerone", "idList": ["H1:705420"]}, {"type": "hp", "idList": ["HP:C06961543"]}, {"type": "huawei", "idList": ["HUAWEI-SA-20210310-01-ESCALATION"]}, {"type": "ibm", "idList": ["023AF7CE811F35CB9EA5BD22171F66AA17D83D1B9FF44FF925D320814BAE40E2", "0A425AE154320282FF38ABB3C8BA8D3AD10793B88A3CFCA031B295F986453B12", "0FF78AF1C487DE3B1A92548681C12BB71F6CB2B0B453E94F828CDEF3248FE0FD", "18350C8CFDA428FFE8D03D8AF52B480419325DE4650723C8EB99383D1C4F7938", "19BD9444E195601BE99DC098E9C970C68F2E7A0306271E91599BA5B3726DD8AA", "1A8A5E6AC75FF4A1A546DD1431D4E3A224B13E96434DBC2C5C874D7E73D90553", "3410A57294243E5BBAFB4C69F17AC837FB02B049396A85D095AF16279272DED9", "3A0EC58D68A9FF044EFDD59A19016C7F96E811E1FC47D2E23F42FDF074B43F35", "3ED399AF209808B1374AFCAC052B0FB4EB79FD66E665BCF34B20BDBF55F1A844", "4A91EBA290B30504A8EF2EE87060FA1D3D5EF2F7A2869B4D9ACCE1C477DA4795", "4E6353F1062DDEE2F859DA9376A59A0A02E58324E8A0BB460968024ADB369792", "568C1946F6948551373693B819E984491EDA4324124EB255F933921898311FAA", "64CA83B4AAA0FF268F5AB6411B7FFA8B5E6832BCA6CEC17E2AD91907E9D5A645", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "8DEC2654592D64F2D867281F416FD4DE6D6CB55A2CF9AFFE8204C63823A299A4", "981346B4F2948F216BED89C4CD8BE79AD6F63DE1FBA4E88FB16B5600DC4A27C5", "B5AA883A7ECBB98CC082171970FB0FD2158AEB520B2B654518056D674E2939C5", "E07C0C4D82739BCF3EC12790499FE045BA8E517D49D7B04601CDBB95AF91DA23", "FD5481A8FAEA26370800B3C24D5356F2495D324636876B8458455F763A9A8B1E"]}, {"type": "ics", "idList": ["ICSA-21-334-04"]}, {"type": "kaspersky", "idList": ["KLA11579", "KLA11580", "KLA11582", "KLA11588", "KLA11589", "KLA11590", "KLA11591", "KLA11592", "KLA11593", "KLA11602", "KLA11603", "KLA11623", "KLA11624", "KLA11646", "KLA11650", "KLA11651", "KLA11660", "KLA11704", "KLA11705", "KLA11714", "KLA11721", "KLA11753", "KLA11790", "KLA11791", "KLA11926", "KLA11942", "KLA12011"]}, {"type": "kitploit", "idList": ["KITPLOIT:8766743662298222785"]}, {"type": "krebs", "idList": ["KREBS:613A537780BD40A6F8E0047CE8D3E6EC"]}, {"type": "lenovo", "idList": ["LENOVO:PS500375-INTEL-WIRELESS-BLUETOOTH-ADVISORY-NOSID"]}, {"type": "malwarebytes", "idList": ["MALWAREBYTES:40B6CEF3C04EE6E976C145960F0C4FEE", "MALWAREBYTES:663327DFA13BEF28EEE013C568D709A6"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/OSX/BROWSER/SAFARI_IN_OPERATOR_SIDE_EFFECT", "MSF:ILITIES/APPLE-ITUNES-CVE-2020-3885/", "MSF:ILITIES/APPLE-ITUNES-CVE-2020-3899/", "MSF:ILITIES/APPLE-ITUNES-CVE-2020-3900/", "MSF:ILITIES/APPLE-ITUNES-CVE-2020-9802/", "MSF:ILITIES/APPLE-ITUNES-CVE-2020-9805/", "MSF:ILITIES/APPLE-ITUNES-CVE-2020-9806/", "MSF:ILITIES/APPLE-ITUNES-CVE-2020-9843/", "MSF:ILITIES/APPLE-SAFARI-CVE-2020-3902/", "MSF:ILITIES/APPLE-SAFARI-CVE-2020-9802/", "MSF:ILITIES/APPLE-SAFARI-CVE-2020-9803/", "MSF:ILITIES/APPLE-SAFARI-CVE-2020-9805/", "MSF:ILITIES/APPLE-SAFARI-CVE-2020-9807/", "MSF:ILITIES/APPLE-SAFARI-CVE-2020-9850/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2019-20218/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2019-20218/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP8-CVE-2019-20218/", "MSF:ILITIES/ORACLE_LINUX-CVE-2020-6829/", "MSF:ILITIES/UBUNTU-CVE-2020-28588/", "MSF:ILITIES/UBUNTU-CVE-2020-6829/"]}, {"type": "mozilla", "idList": ["MFSA2020-50"]}, {"type": "mscve", "idList": ["MS:ADV200002"]}, {"type": "nessus", "idList": ["AIX_IJ20783.NASL", "AIX_IJ20784.NASL", "AIX_IJ20785.NASL", "AIX_IJ20786.NASL", "AIX_IJ29229.NASL", "AIX_IJ29230.NASL", "AIX_IJ29231.NASL", "AIX_IJ29232.NASL", "AL2_ALAS-2019-1376.NASL", "AL2_ALAS-2020-1387.NASL", "AL2_ALAS-2020-1494.NASL", "AL2_ALAS-2020-1559.NASL", "AL2_ALAS-2020-1563.NASL", "AL2_ALAS-2020-1564.NASL", "AL2_ALAS-2020-1565.NASL", "AL2_ALAS-2020-1566.NASL", "AL2_ALAS-2020-1573.NASL", "AL2_ALAS-2021-1578.NASL", "AL2_ALAS-2021-1587.NASL", "AL2_ALAS-2021-1588.NASL", "AL2_ALAS-2021-1590.NASL", "AL2_ALAS-2021-1639.NASL", "ALA_ALAS-2019-1241.NASL", "ALA_ALAS-2020-1456.NASL", "ALA_ALAS-2020-1457.NASL", "ALA_ALAS-2020-1460.NASL", "ALA_ALAS-2020-1462.NASL", "ALA_ALAS-2020-1464.NASL", "ALA_ALAS-2020-1468.NASL", "ALA_ALAS-2020-1471.NASL", "ALA_ALAS-2021-1457.NASL", "ALA_ALAS-2021-1459.NASL", "ALA_ALAS-2021-1461.NASL", "ALA_ALAS-2021-1463.NASL", "ALA_ALAS-2021-1471.NASL", "ALA_ALAS-2021-1474.NASL", "ALA_ALAS-2021-1477.NASL", "ALA_ALAS-2021-1478.NASL", "APPLETV_13_3.NASL", "APPLETV_13_3_1.NASL", "APPLETV_13_4.NASL", "CENTOS8_RHSA-2019-3196.NASL", "CENTOS8_RHSA-2019-3237.NASL", "CENTOS8_RHSA-2020-3662.NASL", "CENTOS8_RHSA-2020-3665.NASL", "CENTOS8_RHSA-2020-4432.NASL", "CENTOS8_RHSA-2020-4433.NASL", "CENTOS8_RHSA-2020-4442.NASL", "CENTOS8_RHSA-2020-4443.NASL", "CENTOS8_RHSA-2020-4444.NASL", "CENTOS8_RHSA-2020-4451.NASL", "CENTOS8_RHSA-2020-4453.NASL", "CENTOS8_RHSA-2020-4464.NASL", "CENTOS8_RHSA-2020-4465.NASL", "CENTOS8_RHSA-2020-4479.NASL", "CENTOS8_RHSA-2020-4482.NASL", "CENTOS8_RHSA-2020-4484.NASL", "CENTOS8_RHSA-2020-4490.NASL", "CENTOS8_RHSA-2020-4497.NASL", "CENTOS8_RHSA-2020-4508.NASL", "CENTOS8_RHSA-2020-4539.NASL", "CENTOS8_RHSA-2020-4542.NASL", "CENTOS8_RHSA-2020-4545.NASL", "CENTOS8_RHSA-2020-4641.NASL", "CENTOS8_RHSA-2020-4654.NASL", "CENTOS8_RHSA-2020-4694.NASL", "CENTOS8_RHSA-2020-4805.NASL", "CENTOS8_RHSA-2020-4846.NASL", "CENTOS8_RHSA-2020-4952.NASL", "CENTOS8_RHSA-2020-5476.NASL", "CENTOS8_RHSA-2020-5479.NASL", "CENTOS8_RHSA-2020-5483.NASL", "CENTOS8_RHSA-2020-5493.NASL", "CENTOS8_RHSA-2021-0150.NASL", "CENTOS8_RHSA-2021-0218.NASL", "CENTOS8_RHSA-2021-0538.NASL", "CENTOS8_RHSA-2021-1796.NASL", "CENTOS8_RHSA-2021-1968.NASL", "CENTOS_RHSA-2019-3193.NASL", "CENTOS_RHSA-2019-3210.NASL", "CENTOS_RHSA-2020-3911.NASL", "CENTOS_RHSA-2020-4035.NASL", "CENTOS_RHSA-2020-4183.NASL", "CENTOS_RHSA-2020-5009.NASL", "CENTOS_RHSA-2020-5010.NASL", "CENTOS_RHSA-2020-5011.NASL", "CENTOS_RHSA-2020-5566.NASL", "CENTOS_RHSA-2021-0153.NASL", "CENTOS_RHSA-2021-0221.NASL", "CENTOS_RHSA-2021-0339.NASL", "CENTOS_RHSA-2021-0348.NASL", "CENTOS_RHSA-2021-0856.NASL", "DEBIAN_DLA-1756.NASL", "DEBIAN_DLA-1839.NASL", "DEBIAN_DLA-1931.NASL", "DEBIAN_DLA-1955.NASL", "DEBIAN_DLA-1967.NASL", "DEBIAN_DLA-1973.NASL", "DEBIAN_DLA-2044.NASL", "DEBIAN_DLA-2048.NASL", "DEBIAN_DLA-2370.NASL", "DEBIAN_DLA-2453.NASL", "DEBIAN_DLA-2455.NASL", "DEBIAN_DLA-2456.NASL", "DEBIAN_DLA-2459.NASL", "DEBIAN_DLA-2460.NASL", "DEBIAN_DLA-2483.NASL", "DEBIAN_DLA-2492.NASL", "DEBIAN_DLA-2493.NASL", "DEBIAN_DLA-2494.NASL", "DEBIAN_DLA-2520.NASL", "DEBIAN_DLA-2534.NASL", "DEBIAN_DLA-2557.NASL", "DEBIAN_DLA-2586.NASL", "DEBIAN_DLA-2604.NASL", "DEBIAN_DLA-2628.NASL", "DEBIAN_DLA-2645.NASL", "DEBIAN_DSA-4472.NASL", "DEBIAN_DSA-4530.NASL", "DEBIAN_DSA-4547.NASL", "DEBIAN_DSA-4549.NASL", "DEBIAN_DSA-4591.NASL", "DEBIAN_DSA-4627.NASL", "DEBIAN_DSA-4638.NASL", "DEBIAN_DSA-4641.NASL", "DEBIAN_DSA-4658.NASL", "DEBIAN_DSA-4681.NASL", "DEBIAN_DSA-4807.NASL", "DEBIAN_DSA-4824.NASL", "DEBIAN_DSA-4839.NASL", "DEBIAN_DSA-4843.NASL", "DEBIAN_DSA-4844.NASL", "DEBIAN_DSA-4848.NASL", "DNSMASQ_2_83.NASL", "EULEROS_SA-2019-1317.NASL", "EULEROS_SA-2019-1592.NASL", "EULEROS_SA-2019-1606.NASL", "EULEROS_SA-2019-1625.NASL", "EULEROS_SA-2019-1758.NASL", "EULEROS_SA-2019-1783.NASL", "EULEROS_SA-2019-1841.NASL", "EULEROS_SA-2019-1935.NASL", "EULEROS_SA-2019-2276.NASL", "EULEROS_SA-2019-2286.NASL", "EULEROS_SA-2019-2290.NASL", "EULEROS_SA-2019-2305.NASL", "EULEROS_SA-2019-2442.NASL", "EULEROS_SA-2019-2456.NASL", "EULEROS_SA-2019-2541.NASL", "EULEROS_SA-2019-2551.NASL", "EULEROS_SA-2019-2612.NASL", "EULEROS_SA-2019-2627.NASL", "EULEROS_SA-2019-2653.NASL", "EULEROS_SA-2019-2703.NASL", "EULEROS_SA-2019-2712.NASL", "EULEROS_SA-2020-1044.NASL", "EULEROS_SA-2020-1048.NASL", "EULEROS_SA-2020-1050.NASL", "EULEROS_SA-2020-1072.NASL", "EULEROS_SA-2020-1074.NASL", "EULEROS_SA-2020-1075.NASL", "EULEROS_SA-2020-1079.NASL", "EULEROS_SA-2020-1082.NASL", "EULEROS_SA-2020-1085.NASL", "EULEROS_SA-2020-1117.NASL", "EULEROS_SA-2020-1132.NASL", "EULEROS_SA-2020-1145.NASL", "EULEROS_SA-2020-1153.NASL", "EULEROS_SA-2020-1159.NASL", "EULEROS_SA-2020-1164.NASL", "EULEROS_SA-2020-1165.NASL", "EULEROS_SA-2020-1180.NASL", "EULEROS_SA-2020-1212.NASL", "EULEROS_SA-2020-1249.NASL", "EULEROS_SA-2020-1509.NASL", "EULEROS_SA-2020-1510.NASL", "EULEROS_SA-2020-1514.NASL", "EULEROS_SA-2020-1516.NASL", "EULEROS_SA-2020-1533.NASL", "EULEROS_SA-2020-1558.NASL", "EULEROS_SA-2020-1562.NASL", "EULEROS_SA-2020-1569.NASL", "EULEROS_SA-2020-2479.NASL", "EULEROS_SA-2020-2481.NASL", "EULEROS_SA-2020-2483.NASL", "EULEROS_SA-2020-2487.NASL", "EULEROS_SA-2020-2490.NASL", "EULEROS_SA-2020-2494.NASL", "EULEROS_SA-2020-2496.NASL", "EULEROS_SA-2020-2500.NASL", "EULEROS_SA-2020-2503.NASL", "EULEROS_SA-2020-2510.NASL", "EULEROS_SA-2020-2514.NASL", "EULEROS_SA-2020-2523.NASL", "EULEROS_SA-2020-2573.NASL", "EULEROS_SA-2021-1001.NASL", "EULEROS_SA-2021-1009.NASL", "EULEROS_SA-2021-1014.NASL", "EULEROS_SA-2021-1020.NASL", "EULEROS_SA-2021-1028.NASL", "EULEROS_SA-2021-1033.NASL", "EULEROS_SA-2021-1059.NASL", "EULEROS_SA-2021-1073.NASL", "EULEROS_SA-2021-1079.NASL", "EULEROS_SA-2021-1104.NASL", "EULEROS_SA-2021-1115.NASL", "EULEROS_SA-2021-1134.NASL", "EULEROS_SA-2021-1138.NASL", "EULEROS_SA-2021-1148.NASL", "EULEROS_SA-2021-1160.NASL", "EULEROS_SA-2021-1173.NASL", "EULEROS_SA-2021-1200.NASL", "EULEROS_SA-2021-1242.NASL", "EULEROS_SA-2021-1244.NASL", "EULEROS_SA-2021-1257.NASL", "EULEROS_SA-2021-1261.NASL", "EULEROS_SA-2021-1263.NASL", "EULEROS_SA-2021-1265.NASL", "EULEROS_SA-2021-1276.NASL", "EULEROS_SA-2021-1281.NASL", "EULEROS_SA-2021-1282.NASL", "EULEROS_SA-2021-1288.NASL", "EULEROS_SA-2021-1311.NASL", "EULEROS_SA-2021-1338.NASL", "EULEROS_SA-2021-1339.NASL", "EULEROS_SA-2021-1366.NASL", "EULEROS_SA-2021-1374.NASL", "EULEROS_SA-2021-1375.NASL", "EULEROS_SA-2021-1376.NASL", "EULEROS_SA-2021-1386.NASL", "EULEROS_SA-2021-1388.NASL", "EULEROS_SA-2021-1389.NASL", "EULEROS_SA-2021-1390.NASL", "EULEROS_SA-2021-1408.NASL", "EULEROS_SA-2021-1411.NASL", "EULEROS_SA-2021-1418.NASL", "EULEROS_SA-2021-1424.NASL", "EULEROS_SA-2021-1454.NASL", "EULEROS_SA-2021-1458.NASL", "EULEROS_SA-2021-1459.NASL", "EULEROS_SA-2021-1468.NASL", "EULEROS_SA-2021-1469.NASL", "EULEROS_SA-2021-1505.NASL", "EULEROS_SA-2021-1520.NASL", "EULEROS_SA-2021-1532.NASL", "EULEROS_SA-2021-1536.NASL", "EULEROS_SA-2021-1549.NASL", "EULEROS_SA-2021-1551.NASL", "EULEROS_SA-2021-1572.NASL", "EULEROS_SA-2021-1575.NASL", "EULEROS_SA-2021-1582.NASL", "EULEROS_SA-2021-1585.NASL", "EULEROS_SA-2021-1589.NASL", "EULEROS_SA-2021-1594.NASL", "EULEROS_SA-2021-1598.NASL", "EULEROS_SA-2021-1615.NASL", "EULEROS_SA-2021-1619.NASL", "EULEROS_SA-2021-1623.NASL", "EULEROS_SA-2021-1624.NASL", "EULEROS_SA-2021-1630.NASL", "EULEROS_SA-2021-1633.NASL", "EULEROS_SA-2021-1637.NASL", "EULEROS_SA-2021-1640.NASL", "EULEROS_SA-2021-1642.NASL", "EULEROS_SA-2021-1647.NASL", "EULEROS_SA-2021-1648.NASL", "EULEROS_SA-2021-1652.NASL", "EULEROS_SA-2021-1656.NASL", "EULEROS_SA-2021-1668.NASL", "EULEROS_SA-2021-1669.NASL", "EULEROS_SA-2021-1670.NASL", "EULEROS_SA-2021-1673.NASL", "EULEROS_SA-2021-1684.NASL", "EULEROS_SA-2021-1695.NASL", "EULEROS_SA-2021-1696.NASL", "EULEROS_SA-2021-1707.NASL", "EULEROS_SA-2021-1767.NASL", "EULEROS_SA-2021-1775.NASL", "EULEROS_SA-2021-2542.NASL", "EULEROS_SA-2021-2566.NASL", "F5_BIGIP_SOL02663161.NASL", "F5_BIGIP_SOL09604370.NASL", "F5_BIGIP_SOL82252291.NASL", "F5_BIGIP_SOL91090139.NASL", "FEDORA_2019-139FCDA84D.NASL", "FEDORA_2019-18868E1715.NASL", "FEDORA_2019-2F259A6C0A.NASL", "FEDORA_2019-320D5295FC.NASL", "FEDORA_2019-46B6BD2459.NASL", "FEDORA_2019-4FE461079F.NASL", "FEDORA_2019-613EDFE68B.NASL", "FEDORA_2019-672AE0F060.NASL", "FEDORA_2019-6DB0D5B9D9.NASL", "FEDORA_2019-7EC5BB5D22.NASL", "FEDORA_2019-85D92DF70F.NASL", "FEDORA_2019-8B0AD69829.NASL", "FEDORA_2019-9505C6B555.NASL", "FEDORA_2019-99DB7A510E.NASL", "FEDORA_2019-A268BA7B23.NASL", "FEDORA_2019-B1636E0B70.NASL", "FEDORA_2019-B92CE3144A.NASL", "FEDORA_2019-D06BC63433.NASL", "FEDORA_2019-E21C77FFAE.NASL", "FEDORA_2019-E74D639587.NASL", "FEDORA_2019-EAA681D33E.NASL", "FEDORA_2020-0AB6656303.NASL", "FEDORA_2020-0C71C00AF4.NASL", "FEDORA_2020-11B0F45883.NASL", "FEDORA_2020-3269917C2F.NASL", "FEDORA_2020-41FE1680F6.NASL", "FEDORA_2020-4832F2BD62.NASL", "FEDORA_2020-4D11D35A1F.NASL", "FEDORA_2020-5A77F0D68F.NASL", "FEDORA_2020-5ED5AF6275.NASL", "FEDORA_2020-6B35849EDD.NASL", "FEDORA_2020-7F34D2CFD8.NASL", "FEDORA_2020-864922E78A.NASL", "FEDORA_2020-A31B01E945.NASL", "FEDORA_2020-B732958765.NASL", "FEDORA_2020-BC0CC81A7A.NASL", "FEDORA_2020-BD170E803F.NASL", "FEDORA_2020-E971480183.NASL", "FEDORA_2020-EF1870065A.NASL", "FEDORA_2021-2CB63D912A.NASL", "FEDORA_2021-2E4C3D5A9D.NASL", "FEDORA_2021-84440E87BA.NASL", "FEDORA_2021-8840CBDCCD.NASL", "FEDORA_2021-FB466FB623.NASL", "FREEBSD_PKG_08B553ED537A11EBBE6E0022489AD614.NASL", "FREEBSD_PKG_1CB0AF4ED6414F999432297A89447A97.NASL", "FREEBSD_PKG_1D56CFC5397011EB929DD4C9EF517024.NASL", "FREEBSD_PKG_2CB21232FB3211EAA929A4BF014BF5F7.NASL", "FREEBSD_PKG_36B905AD7FBB11E98A5FC85B76CE9B5A.NASL", "FREEBSD_PKG_3D7DFD63823B11EAB3A8240A644DD835.NASL", "FREEBSD_PKG_3E748551C73245F6BD88928DA16F23A8.NASL", "FREEBSD_PKG_56BA4513A1BE11EB9072D4C9EF517024.NASL", "FREEBSD_PKG_5B5CF6E55B5111EB95AC7F9491278677.NASL", "FREEBSD_PKG_92243B6A57754AEA8727A938058DF5BA.NASL", "FREEBSD_PKG_93167BEF975211E9B61CB885849DED8E.NASL", "FREEBSD_PKG_9B7491FBF25311E9A50C000C29C4DC65.NASL", "FREEBSD_PKG_A27B0BB684FC11EAB5B4641C67A117D8.NASL", "FREEBSD_PKG_C9C6C2F8CD5411E9AF89080027EF1A23.NASL", "FREEBSD_PKG_DB4B2F27252A11EB865C00155D646400.NASL", "FREEBSD_PKG_E418B8F09ABB420BA7F11D8231B352E2.NASL", "FREEBSD_PKG_E84831158B8E11EABDCF001B217B3468.NASL", "FREEBSD_PKG_EFD03116C2A911EA82BCB42E99A1B9C3.NASL", "FREEBSD_PKG_F3CF4B33601311EB9A0E206A8A720317.NASL", "FREEBSD_PKG_F5ABAFC0FCF611EA8758E0D55E2A8BF9.NASL", "GENTOO_GLSA-201908-09.NASL", "GENTOO_GLSA-202003-16.NASL", "GENTOO_GLSA-202003-22.NASL", "GENTOO_GLSA-202003-27.NASL", "GENTOO_GLSA-202003-32.NASL", "GENTOO_GLSA-202011-12.NASL", "GENTOO_GLSA-202012-04.NASL", "GENTOO_GLSA-202012-13.NASL", "GENTOO_GLSA-202101-17.NASL", "GENTOO_GLSA-202101-20.NASL", "GENTOO_GLSA-202101-33.NASL", "GOOGLE_CHROME_78_0_3904_70.NASL", "IBM_HTTP_SERVER_964768.NASL", "ITUNES_12_10_3.NASL", "ITUNES_12_10_4.NASL", "ITUNES_12_10_4_BANNER.NASL", "JFROG_ARTIFACTORY_6_23_0.NASL", "JFROG_ARTIFACTORY_7_10_1.NASL", "LCE_6_0_9.NASL", "MACOSX_GOOGLE_CHROME_78_0_3904_70.NASL", "MACOS_FIREFOX_78_5_ESR.NASL", "MACOS_FIREFOX_83_0.NASL", "MACOS_HT210634.NASL", "MACOS_HT211931.NASL", "MACOS_HT212177.NASL", "MACOS_THUNDERBIRD_78_5.NASL", "MOZILLA_FIREFOX_68_2_ESR.NASL", "MOZILLA_FIREFOX_70_0.NASL", "MOZILLA_FIREFOX_78_5_ESR.NASL", "MOZILLA_FIREFOX_83_0.NASL", "MOZILLA_THUNDERBIRD_68_2.NASL", "MOZILLA_THUNDERBIRD_78_5.NASL", "NEWSTART_CGSL_NS-SA-2019-0215_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2019-0260_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2020-0002_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2020-0003_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2020-0022_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2021-0002_THUNDERBIRD.NASL", "NEWSTART_CGSL_NS-SA-2021-0003_BIND.NASL", "NEWSTART_CGSL_NS-SA-2021-0013_FREETYPE.NASL", "NEWSTART_CGSL_NS-SA-2021-0015_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2021-0016_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0019_NSS.NASL", "NEWSTART_CGSL_NS-SA-2021-0020_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0026_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2021-0027_LIBXSLT.NASL", "NEWSTART_CGSL_NS-SA-2021-0029_PYTHON3.NASL", "NEWSTART_CGSL_NS-SA-2021-0032_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0041_WEBKITGTK4.NASL", "NEWSTART_CGSL_NS-SA-2021-0058_EDK2.NASL", "NEWSTART_CGSL_NS-SA-2021-0059_PYTHON3.NASL", "NEWSTART_CGSL_NS-SA-2021-0059_WEBKIT2GTK3.NASL", "NEWSTART_CGSL_NS-SA-2021-0060_LIBSOLV.NASL", "NEWSTART_CGSL_NS-SA-2021-0061_FREETYPE.NASL", "NEWSTART_CGSL_NS-SA-2021-0061_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2021-0063_LIBRAW.NASL", "NEWSTART_CGSL_NS-SA-2021-0064_BIND.NASL", "NEWSTART_CGSL_NS-SA-2021-0064_SQLITE.NASL", "NEWSTART_CGSL_NS-SA-2021-0069_GLIBC.NASL", "NEWSTART_CGSL_NS-SA-2021-0069_LIBSSH.NASL", "NEWSTART_CGSL_NS-SA-2021-0070_PCRE2.NASL", "NEWSTART_CGSL_NS-SA-2021-0071_CYRUS-SASL.NASL", "NEWSTART_CGSL_NS-SA-2021-0071_LIBGCRYPT.NASL", "NEWSTART_CGSL_NS-SA-2021-0074_GNUTLS.NASL", "NEWSTART_CGSL_NS-SA-2021-0074_VIM.NASL", "NEWSTART_CGSL_NS-SA-2021-0076_GNOME-SETTINGS-DAEMON.NASL", "NEWSTART_CGSL_NS-SA-2021-0076_GNUPG2.NASL", "NEWSTART_CGSL_NS-SA-2021-0079_LIBARCHIVE.NASL", "NEWSTART_CGSL_NS-SA-2021-0081_PYTHON-PIP.NASL", "NEWSTART_CGSL_NS-SA-2021-0082_LINUX-FIRMWARE.NASL", "NEWSTART_CGSL_NS-SA-2021-0082_TCPDUMP.NASL", "NEWSTART_CGSL_NS-SA-2021-0083_EXPAT.NASL", "NEWSTART_CGSL_NS-SA-2021-0086_OPENSSL.NASL", "NEWSTART_CGSL_NS-SA-2021-0087_CRYPTSETUP.NASL", "NEWSTART_CGSL_NS-SA-2021-0088_LIBXSLT.NASL", "NEWSTART_CGSL_NS-SA-2021-0089_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0090_BINUTILS.NASL", "NEWSTART_CGSL_NS-SA-2021-0091_DNSMASQ.NASL", "NODEJS_2021_JAN.NASL", "OPENSUSE-2019-1428.NASL", "OPENSUSE-2019-1430.NASL", "OPENSUSE-2019-1433.NASL", "OPENSUSE-2019-1527.NASL", "OPENSUSE-2019-1777.NASL", "OPENSUSE-2019-1824.NASL", "OPENSUSE-2019-1917.NASL", "OPENSUSE-2019-2161.NASL", "OPENSUSE-2019-2204.NASL", "OPENSUSE-2019-2205.NASL", "OPENSUSE-2019-2298.NASL", "OPENSUSE-2019-2300.NASL", "OPENSUSE-2019-2343.NASL", "OPENSUSE-2019-2344.NASL", "OPENSUSE-2019-2345.NASL", "OPENSUSE-2019-2348.NASL", "OPENSUSE-2019-2389.NASL", "OPENSUSE-2019-2393.NASL", "OPENSUSE-2019-2420.NASL", "OPENSUSE-2019-2587.NASL", "OPENSUSE-2019-2591.NASL", "OPENSUSE-2019-2689.NASL", "OPENSUSE-2020-1405.NASL", "OPENSUSE-2020-1407.NASL", "OPENSUSE-2020-1901.NASL", "OPENSUSE-2020-1906.NASL", "OPENSUSE-2020-1952.NASL", "OPENSUSE-2020-1960.NASL", "OPENSUSE-2020-1962.NASL", "OPENSUSE-2020-2020.NASL", "OPENSUSE-2020-2031.NASL", "OPENSUSE-2020-2034.NASL", "OPENSUSE-2020-2047.NASL", "OPENSUSE-2020-2067.NASL", "OPENSUSE-2020-2096.NASL", "OPENSUSE-2020-2112.NASL", "OPENSUSE-2020-2139.NASL", "OPENSUSE-2020-2143.NASL", "OPENSUSE-2020-2152.NASL", "OPENSUSE-2020-2161.NASL", "OPENSUSE-2020-2169.NASL", "OPENSUSE-2020-2184.NASL", "OPENSUSE-2020-2185.NASL", "OPENSUSE-2020-2187.NASL", "OPENSUSE-2020-2189.NASL", "OPENSUSE-2020-2190.NASL", "OPENSUSE-2020-22.NASL", "OPENSUSE-2020-2211.NASL", "OPENSUSE-2020-2223.NASL", "OPENSUSE-2020-2236.NASL", "OPENSUSE-2020-2245.NASL", "OPENSUSE-2020-2260.NASL", "OPENSUSE-2020-2269.NASL", "OPENSUSE-2020-2315.NASL", "OPENSUSE-2020-2332.NASL", "OPENSUSE-2020-2333.NASL", "OPENSUSE-2020-274.NASL", "OPENSUSE-2020-278.NASL", "OPENSUSE-2020-314.NASL", "OPENSUSE-2020-602.NASL", "OPENSUSE-2020-622.NASL", "OPENSUSE-2020-646.NASL", "OPENSUSE-2020-86.NASL", "OPENSUSE-2021-124.NASL", "OPENSUSE-2021-129.NASL", "OPENSUSE-2021-169.NASL", "OPENSUSE-2021-170.NASL", "OPENSUSE-2021-242.NASL", "OPENSUSE-2021-270.NASL", "OPENSUSE-2021-331.NASL", "OPENSUSE-2021-60.NASL", "OPENSUSE-2021-602.NASL", "OPENSUSE-2021-64.NASL", "OPENSUSE-2021-65.NASL", "OPENSUSE-2021-75.NASL", "OPENSUSE-2021-82.NASL", "ORACLELINUX_ELSA-2019-3193.NASL", "ORACLELINUX_ELSA-2019-3196.NASL", "ORACLELINUX_ELSA-2019-3210.NASL", "ORACLELINUX_ELSA-2019-3237.NASL", "ORACLELINUX_ELSA-2020-4432.NASL", "ORACLELINUX_ELSA-2020-4433.NASL", "ORACLELINUX_ELSA-2020-4442.NASL", "ORACLELINUX_ELSA-2020-4443.NASL", "ORACLELINUX_ELSA-2020-4444.NASL", "ORACLELINUX_ELSA-2020-4451.NASL", "ORACLELINUX_ELSA-2020-4453.NASL", "ORACLELINUX_ELSA-2020-4464.NASL", "ORACLELINUX_ELSA-2020-4465.NASL", "ORACLELINUX_ELSA-2020-4479.NASL", "ORACLELINUX_ELSA-2020-4482.NASL", "ORACLELINUX_ELSA-2020-4484.NASL", "ORACLELINUX_ELSA-2020-4490.NASL", "ORACLELINUX_ELSA-2020-4497.NASL", "ORACLELINUX_ELSA-2020-4500.NASL", "ORACLELINUX_ELSA-2020-4508.NASL", "ORACLELINUX_ELSA-2020-4539.NASL", "ORACLELINUX_ELSA-2020-4542.NASL", "ORACLELINUX_ELSA-2020-4545.NASL", "ORACLELINUX_ELSA-2020-4547.NASL", "ORACLELINUX_ELSA-2020-4760.NASL", "ORACLELINUX_ELSA-2020-4805.NASL", "ORACLELINUX_ELSA-2020-4952.NASL", "ORACLELINUX_ELSA-2020-5009.NASL", "ORACLELINUX_ELSA-2020-5010.NASL", "ORACLELINUX_ELSA-2020-5011.NASL", "ORACLELINUX_ELSA-2020-5476.NASL", "ORACLELINUX_ELSA-2020-5483.NASL", "ORACLELINUX_ELSA-2020-5493.NASL", "ORACLELINUX_ELSA-2020-55661.NASL", "ORACLELINUX_ELSA-2021-0150.NASL", "ORACLELINUX_ELSA-2021-0153.NASL", "ORACLELINUX_ELSA-2021-0218.NASL", "ORACLELINUX_ELSA-2021-0221.NASL", "ORACLELINUX_ELSA-2021-0348.NASL", "ORACLELINUX_ELSA-2021-0538.NASL", "ORACLELINUX_ELSA-2021-0558.NASL", "ORACLELINUX_ELSA-2021-0856.NASL", "ORACLELINUX_ELSA-2021-9002.NASL", "ORACLELINUX_ELSA-2021-9006.NASL", "ORACLELINUX_ELSA-2021-9007.NASL", "ORACLELINUX_ELSA-2021-9019.NASL", "ORACLELINUX_ELSA-2021-9212.NASL", "ORACLEVM_OVMSA-2021-0001.NASL", "ORACLEVM_OVMSA-2021-0003.NASL", "ORACLE_BI_PUBLISHER_APR_2021_CPU.NASL", "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2021_CPU.NASL", "ORACLE_JAVA_CPU_JAN_2020.NASL", "ORACLE_JAVA_CPU_JAN_2020_UNIX.NASL", "ORACLE_JAVA_CPU_OCT_2019.NASL", "ORACLE_JAVA_CPU_OCT_2019_UNIX.NASL", "PHOTONOS_PHSA-2019-1_0-0224_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-1_0-0246_GNUPG.NASL", "PHOTONOS_PHSA-2019-1_0-0247_EXPAT.NASL", "PHOTONOS_PHSA-2019-1_0-0257_BINUTILS.NASL", "PHOTONOS_PHSA-2019-1_0-0257_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-2_0-0152_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-2_0-0171_EXPAT.NASL", "PHOTONOS_PHSA-2019-2_0-0171_GNUPG.NASL", "PHOTONOS_PHSA-2019-2_0-0182_PYTHON2.NASL", "PHOTONOS_PHSA-2019-2_0-0182_PYTHON3.NASL", "PHOTONOS_PHSA-2019-2_0-0182_TCPDUMP.NASL", "PHOTONOS_PHSA-2019-2_0-0184_SQLITE.NASL", "PHOTONOS_PHSA-2019-2_0-0187_LIBPCAP.NASL", "PHOTONOS_PHSA-2019-2_0-0189_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-2_0-0190_BINUTILS.NASL", "PHOTONOS_PHSA-2019-3_0-0024_GNUPG.NASL", "PHOTONOS_PHSA-2019-3_0-0026_EXPAT.NASL", "PHOTONOS_PHSA-2019-3_0-0030_SQLITE.NASL", "PHOTONOS_PHSA-2019-3_0-0034_LIBPCAP.NASL", "PHOTONOS_PHSA-2019-3_0-0034_TCPDUMP.NASL", "PHOTONOS_PHSA-2019-3_0-0035_PYTHON2.NASL", "PHOTONOS_PHSA-2020-1_0-0264_SQLITE.NASL", "PHOTONOS_PHSA-2020-1_0-0283_CYRUS.NASL", "PHOTONOS_PHSA-2020-1_0-0289_SQLITE.NASL", "PHOTONOS_PHSA-2020-1_0-0345_OPENSSL.NASL", "PHOTONOS_PHSA-2020-1_0-0350_LINUX.NASL", "PHOTONOS_PHSA-2020-2_0-0200_SQLITE.NASL", "PHOTONOS_PHSA-2020-2_0-0234_SQLITE.NASL", "PHOTONOS_PHSA-2020-2_0-0242_GLIBC.NASL", "PHOTONOS_PHSA-2020-2_0-0304_OPENSSL.NASL", "PHOTONOS_PHSA-2020-3_0-0057_LIBSOLV.NASL", "PHOTONOS_PHSA-2020-3_0-0078_PYTHON2.NASL", "PHOTONOS_PHSA-2020-3_0-0078_PYTHON3.NASL", "PHOTONOS_PHSA-2020-3_0-0083_SQLITE.NASL", "PHOTONOS_PHSA-2020-3_0-0146_GNUTLS.NASL", "PHOTONOS_PHSA-2020-3_0-0175_NXTGN.NASL", "PHOTONOS_PHSA-2020-3_0-0175_OPENSSL.NASL", "PHOTONOS_PHSA-2021-1_0-0356_DNSMASQ.NASL", "PHOTONOS_PHSA-2021-1_0-0358_SUDO.NASL", "PHOTONOS_PHSA-2021-1_0-0404_NSS.NASL", "PHOTONOS_PHSA-2021-2_0-0308_LINUX.NASL", "PHOTONOS_PHSA-2021-2_0-0312_DNSMASQ.NASL", "PHOTONOS_PHSA-2021-2_0-0315_SUDO.NASL", "PHOTONOS_PHSA-2021-2_0-0358_NSS.NASL", "PHOTONOS_PHSA-2021-3_0-0182_LINUX.NASL", "PHOTONOS_PHSA-2021-3_0-0186_DNSMASQ.NASL", "PHOTONOS_PHSA-2021-3_0-0188_SUDO.NASL", "PHOTONOS_PHSA-2021-3_0-0254_NSS.NASL", "PHOTONOS_PHSA-2021-3_0-0303_CONSUL.NASL", "PHOTONOS_PHSA-2021-4_0-0105_CONSUL.NASL", "REDHAT-RHSA-2019-3193.NASL", "REDHAT-RHSA-2019-3196.NASL", "REDHAT-RHSA-2019-3210.NASL", "REDHAT-RHSA-2019-3237.NASL", "REDHAT-RHSA-2020-0514.NASL", "REDHAT-RHSA-2020-3911.NASL", "REDHAT-RHSA-2020-4005.NASL", "REDHAT-RHSA-2020-4035.NASL", "REDHAT-RHSA-2020-4465.NASL", "REDHAT-RHSA-2020-4479.NASL", "REDHAT-RHSA-2020-4484.NASL", "REDHAT-RHSA-2020-4992.NASL", "REDHAT-RHSA-2020-5009.NASL", "REDHAT-RHSA-2020-5010.NASL", "REDHAT-RHSA-2020-5011.NASL", "REDHAT-RHSA-2020-5054.NASL", "REDHAT-RHSA-2020-5055.NASL", "REDHAT-RHSA-2020-5056.NASL", "REDHAT-RHSA-2020-5119.NASL", "REDHAT-RHSA-2020-5159.NASL", "REDHAT-RHSA-2020-5203.NASL", "REDHAT-RHSA-2020-5218.NASL", "REDHAT-RHSA-2020-5333.NASL", "REDHAT-RHSA-2020-5416.NASL", "REDHAT-RHSA-2020-5422.NASL", "REDHAT-RHSA-2020-5476.NASL", "REDHAT-RHSA-2020-5479.NASL", "REDHAT-RHSA-2020-5483.NASL", "REDHAT-RHSA-2020-5493.NASL", "REDHAT-RHSA-2020-5566.NASL", "REDHAT-RHSA-2020-5588.NASL", "REDHAT-RHSA-2020-5623.NASL", "REDHAT-RHSA-2020-5634.NASL", "REDHAT-RHSA-2020-5637.NASL", "REDHAT-RHSA-2020-5639.NASL", "REDHAT-RHSA-2020-5640.NASL", "REDHAT-RHSA-2020-5641.NASL", "REDHAT-RHSA-2020-5642.NASL", "REDHAT-RHSA-2020-5649.NASL", "REDHAT-RHSA-2021-0038.NASL", "REDHAT-RHSA-2021-0150.NASL", "REDHAT-RHSA-2021-0151.NASL", "REDHAT-RHSA-2021-0152.NASL", "REDHAT-RHSA-2021-0153.NASL", "REDHAT-RHSA-2021-0154.NASL", "REDHAT-RHSA-2021-0155.NASL", "REDHAT-RHSA-2021-0156.NASL", "REDHAT-RHSA-2021-0183.NASL", "REDHAT-RHSA-2021-0218.NASL", "REDHAT-RHSA-2021-0219.NASL", "REDHAT-RHSA-2021-0220.NASL", "REDHAT-RHSA-2021-0221.NASL", "REDHAT-RHSA-2021-0222.NASL", "REDHAT-RHSA-2021-0223.NASL", "REDHAT-RHSA-2021-0224.NASL", "REDHAT-RHSA-2021-0225.NASL", "REDHAT-RHSA-2021-0226.NASL", "REDHAT-RHSA-2021-0227.NASL", "REDHAT-RHSA-2021-0240.NASL", "REDHAT-RHSA-2021-0245.NASL", "REDHAT-RHSA-2021-0258.NASL", "REDHAT-RHSA-2021-0266.NASL", "REDHAT-RHSA-2021-0339.NASL", "REDHAT-RHSA-2021-0348.NASL", "REDHAT-RHSA-2021-0354.NASL", "REDHAT-RHSA-2021-0395.NASL", "REDHAT-RHSA-2021-0401.NASL", "REDHAT-RHSA-2021-0486.NASL", "REDHAT-RHSA-2021-0489.NASL", "REDHAT-RHSA-2021-0494.NASL", "REDHAT-RHSA-2021-0528.NASL", "REDHAT-RHSA-2021-0537.NASL", "REDHAT-RHSA-2021-0538.NASL", "REDHAT-RHSA-2021-0558.NASL", "REDHAT-RHSA-2021-0686.NASL", "REDHAT-RHSA-2021-0689.NASL", "REDHAT-RHSA-2021-0713.NASL", "REDHAT-RHSA-2021-0758.NASL", "REDHAT-RHSA-2021-0761.NASL", "REDHAT-RHSA-2021-0763.NASL", "REDHAT-RHSA-2021-0765.NASL", "REDHAT-RHSA-2021-0774.NASL", "REDHAT-RHSA-2021-0848.NASL", "REDHAT-RHSA-2021-0856.NASL", "REDHAT-RHSA-2021-0857.NASL", "REDHAT-RHSA-2021-0862.NASL", "REDHAT-RHSA-2021-0876.NASL", "REDHAT-RHSA-2021-0878.NASL", "REDHAT-RHSA-2021-0881.NASL", "REDHAT-RHSA-2021-0940.NASL", "REDHAT-RHSA-2021-1026.NASL", "REDHAT-RHSA-2021-1028.NASL", "REDHAT-RHSA-2021-1031.NASL", "REDHAT-RHSA-2021-1267.NASL", "REDHAT-RHSA-2021-1366.NASL", "REDHAT-RHSA-2021-1551.NASL", "REDHAT-RHSA-2021-1796.NASL", "REDHAT-RHSA-2021-1968.NASL", "REDHAT-RHSA-2021-2164.NASL", "REDHAT-RHSA-2021-2191.NASL", "REDHAT_UPDATE_LEVEL.NASL", "SECURITYCENTER_5_17_0_TNS_2020_11.NASL", "SLACKWARE_SSA_2019-259-01.NASL", "SLACKWARE_SSA_2019-274-01.NASL", "SLACKWARE_SSA_2019-293-01.NASL", "SLACKWARE_SSA_2019-295-01.NASL", "SLACKWARE_SSA_2021-026-01.NASL", "SLACKWARE_SSA_2021-040-01.NASL", "SL_20191029_THUNDERBIRD_ON_SL7_X.NASL", "SL_20201110_PYTHON3_ON_SL7_X.NASL", "SL_20201110_PYTHON_ON_SL7_X.NASL", "SL_20201217_OPENSSL_ON_SL7_X.NASL", "SL_20210119_DNSMASQ_ON_SL7_X.NASL", "SL_20210126_SUDO_ON_SL7_X.NASL", "SL_20210202_GLIBC_ON_SL7_X.NASL", "SL_20210202_LINUX_FIRMWARE_ON_SL7_X.NASL", "SUSE_SU-2019-1221-1.NASL", "SUSE_SU-2019-1221-2.NASL", "SUSE_SU-2019-1232-1.NASL", "SUSE_SU-2019-1381-1.NASL", "SUSE_SU-2019-1834-1.NASL", "SUSE_SU-2019-1835-1.NASL", "SUSE_SU-2019-1973-1.NASL", "SUSE_SU-2019-2006-1.NASL", "SUSE_SU-2019-2349-1.NASL", "SUSE_SU-2019-2429-1.NASL", "SUSE_SU-2019-2440-1.NASL", "SUSE_SU-2019-2480-1.NASL", "SUSE_SU-2019-2510-1.NASL", "SUSE_SU-2019-2533-1.NASL", "SUSE_SU-2019-2536-1.NASL", "SUSE_SU-2019-2669-1.NASL", "SUSE_SU-2019-2673-1.NASL", "SUSE_SU-2019-2674-1.NASL", "SUSE_SU-2019-2743-1.NASL", "SUSE_SU-2019-2748-1.NASL", "SUSE_SU-2019-2802-1.NASL", "SUSE_SU-2019-2871-1.NASL", "SUSE_SU-2019-2872-1.NASL", "SUSE_SU-2019-3267-1.NASL", "SUSE_SU-2019-3293-1.NASL", "SUSE_SU-2019-3307-1.NASL", "SUSE_SU-2019-3308-1.NASL", "SUSE_SU-2019-3392-1.NASL", "SUSE_SU-2020-0114-1.NASL", "SUSE_SU-2020-0129-1.NASL", "SUSE_SU-2020-0130-1.NASL", "SUSE_SU-2020-0131-1.NASL", "SUSE_SU-2020-0139-1.NASL", "SUSE_SU-2020-0467-1.NASL", "SUSE_SU-2020-0468-1.NASL", "SUSE_SU-2020-0495-1.NASL", "SUSE_SU-2020-0510-1.NASL", "SUSE_SU-2020-0557-1.NASL", "SUSE_SU-2020-0568-1.NASL", "SUSE_SU-2020-0668-1.NASL", "SUSE_SU-2020-0699-1.NASL", "SUSE_SU-2020-1065-1.NASL", "SUSE_SU-2020-1109-1.NASL", "SUSE_SU-2020-1125-1.NASL", "SUSE_SU-2020-1135-1.NASL", "SUSE_SU-2020-1198-1.NASL", "SUSE_SU-2020-2609-1.NASL", "SUSE_SU-2020-2699-1.NASL", "SUSE_SU-2020-2864-1.NASL", "SUSE_SU-2020-2914-1.NASL", "SUSE_SU-2020-2988-1.NASL", "SUSE_SU-2020-2995-1.NASL", "SUSE_SU-2020-2998-1.NASL", "SUSE_SU-2020-3024-1.NASL", "SUSE_SU-2020-3060-1.NASL", "SUSE_SU-2020-3122-1.NASL", "SUSE_SU-2020-3126-1.NASL", "SUSE_SU-2020-3272-1.NASL", "SUSE_SU-2020-3281-1.NASL", "SUSE_SU-2020-3326-1.NASL", "SUSE_SU-2020-3360-1.NASL", "SUSE_SU-2020-3368-1.NASL", "SUSE_SU-2020-3369-1.NASL", "SUSE_SU-2020-3383-1.NASL", "SUSE_SU-2020-3458-1.NASL", "SUSE_SU-2020-3501-1.NASL", "SUSE_SU-2020-3503-1.NASL", "SUSE_SU-2020-3507-1.NASL", "SUSE_SU-2020-3513-1.NASL", "SUSE_SU-2020-3522-1.NASL", "SUSE_SU-2020-3532-1.NASL", "SUSE_SU-2020-3544-1.NASL", "SUSE_SU-2020-3548-1.NASL", "SUSE_SU-2020-3552-1.NASL", "SUSE_SU-2020-3563-1.NASL", "SUSE_SU-2020-3593-1.NASL", "SUSE_SU-2020-3596-1.NASL", "SUSE_SU-2020-3597-1.NASL", "SUSE_SU-2020-3651-1.NASL", "SUSE_SU-2020-3717-1.NASL", "SUSE_SU-2020-3720-1.NASL", "SUSE_SU-2020-3721-1.NASL", "SUSE_SU-2020-3722-1.NASL", "SUSE_SU-2020-3732-1.NASL", "SUSE_SU-2020-3740-1.NASL", "SUSE_SU-2020-3748-1.NASL", "SUSE_SU-2020-3762-1.NASL", "SUSE_SU-2020-3763-1.NASL", "SUSE_SU-2020-3764-1.NASL", "SUSE_SU-2020-3765-1.NASL", "SUSE_SU-2020-3865-1.NASL", "SUSE_SU-2020-3930-1.NASL", "SUSE_SU-2020-3939-1.NASL", "SUSE_SU-2021-0060-1.NASL", "SUSE_SU-2021-0062-1.NASL", "SUSE_SU-2021-0068-1.NASL", "SUSE_SU-2021-0082-1.NASL", "SUSE_SU-2021-0095-1.NASL", "SUSE_SU-2021-0098-1.NASL", "SUSE_SU-2021-0108-1.NASL", "SUSE_SU-2021-0117-1.NASL", "SUSE_SU-2021-0118-1.NASL", "SUSE_SU-2021-0133-1.NASL", "SUSE_SU-2021-0162-1.NASL", "SUSE_SU-2021-0163-1.NASL", "SUSE_SU-2021-0166-1.NASL", "SUSE_SU-2021-0225-1.NASL", "SUSE_SU-2021-0226-1.NASL", "SUSE_SU-2021-0227-1.NASL", "SUSE_SU-2021-0232-1.NASL", "SUSE_SU-2021-0344-1.NASL", "SUSE_SU-2021-0355-1.NASL", "SUSE_SU-2021-0408-1.NASL", "SUSE_SU-2021-0428-1.NASL", "SUSE_SU-2021-0432-1.NASL", "SUSE_SU-2021-0434-1.NASL", "SUSE_SU-2021-0437-1.NASL", "SUSE_SU-2021-0438-1.NASL", "SUSE_SU-2021-0452-1.NASL", "SUSE_SU-2021-0529-1.NASL", "SUSE_SU-2021-1267-1.NASL", "SUSE_SU-2021-1273-1.NASL", "SUSE_SU-2021-1274-1.NASL", "SUSE_SU-2021-1275-1.NASL", "UBUNTU_USN-3947-1.NASL", "UBUNTU_USN-4040-1.NASL", "UBUNTU_USN-4132-1.NASL", "UBUNTU_USN-4151-1.NASL", "UBUNTU_USN-4164-1.NASL", "UBUNTU_USN-4165-1.NASL", "UBUNTU_USN-4202-2.NASL", "UBUNTU_USN-4205-1.NASL", "UBUNTU_USN-4219-1.NASL", "UBUNTU_USN-4221-1.NASL", "UBUNTU_USN-4236-1.NASL", "UBUNTU_USN-4236-2.NASL", "UBUNTU_USN-4281-1.NASL", "UBUNTU_USN-4293-1.NASL", "UBUNTU_USN-4298-1.NASL", "UBUNTU_USN-4331-1.NASL", "UBUNTU_USN-4333-1.NASL", "UBUNTU_USN-4333-2.NASL", "UBUNTU_USN-4335-1.NASL", "UBUNTU_USN-4336-1.NASL", "UBUNTU_USN-4347-1.NASL", "UBUNTU_USN-4349-1.NASL", "UBUNTU_USN-4493-1.NASL", "UBUNTU_USN-4657-1.NASL", "UBUNTU_USN-4658-1.NASL", "UBUNTU_USN-4659-1.NASL", "UBUNTU_USN-4660-1.NASL", "UBUNTU_USN-4662-1.NASL", "UBUNTU_USN-4680-1.NASL", "UBUNTU_USN-4698-1.NASL", "UBUNTU_USN-4705-1.NASL", "UBUNTU_USN-4748-1.NASL", "UBUNTU_USN-4749-1.NASL", "UBUNTU_USN-4750-1.NASL", "UBUNTU_USN-4751-1.NASL", "UBUNTU_USN-4752-1.NASL", "UBUNTU_USN-4754-3.NASL", "UBUNTU_USN-4991-1.NASL", "VIRTUOZZO_VZLSA-2020-4183.NASL", "VIRTUOZZO_VZLSA-2020-5011.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310113543", "OPENVAS:1361412562310113637", "OPENVAS:1361412562310113638", "OPENVAS:1361412562310113639", "OPENVAS:1361412562310704472", "OPENVAS:1361412562310704530", "OPENVAS:1361412562310704547", "OPENVAS:1361412562310704549", "OPENVAS:1361412562310704591", "OPENVAS:1361412562310704627", "OPENVAS:1361412562310704638", "OPENVAS:1361412562310704641", "OPENVAS:1361412562310704681", "OPENVAS:1361412562310815495", "OPENVAS:1361412562310815496", "OPENVAS:1361412562310815550", "OPENVAS:1361412562310815639", "OPENVAS:1361412562310815641", "OPENVAS:1361412562310815712", "OPENVAS:1361412562310815713", "OPENVAS:1361412562310815714", "OPENVAS:1361412562310815715", "OPENVAS:1361412562310815813", "OPENVAS:1361412562310815814", "OPENVAS:1361412562310815815", "OPENVAS:1361412562310815816", "OPENVAS:1361412562310815817", "OPENVAS:1361412562310815818", "OPENVAS:1361412562310815826", "OPENVAS:1361412562310815827", "OPENVAS:1361412562310815828", "OPENVAS:1361412562310815874", "OPENVAS:1361412562310815876", "OPENVAS:1361412562310816600", "OPENVAS:1361412562310816604", "OPENVAS:1361412562310843976", "OPENVAS:1361412562310844072", "OPENVAS:1361412562310844176", "OPENVAS:1361412562310844197", "OPENVAS:1361412562310844207", "OPENVAS:1361412562310844211", "OPENVAS:1361412562310844254", "OPENVAS:1361412562310844268", "OPENVAS:1361412562310844269", "OPENVAS:1361412562310844271", "OPENVAS:1361412562310844291", "OPENVAS:1361412562310844294", "OPENVAS:1361412562310844344", "OPENVAS:1361412562310844355", "OPENVAS:1361412562310844360", "OPENVAS:1361412562310844398", "OPENVAS:1361412562310844399", "OPENVAS:1361412562310844401", "OPENVAS:1361412562310844415", "OPENVAS:1361412562310844416", "OPENVAS:1361412562310844417", "OPENVAS:1361412562310852512", "OPENVAS:1361412562310852513", "OPENVAS:1361412562310852548", "OPENVAS:1361412562310852631", "OPENVAS:1361412562310852663", "OPENVAS:1361412562310852707", "OPENVAS:1361412562310852716", "OPENVAS:1361412562310852736", "OPENVAS:1361412562310852744", "OPENVAS:1361412562310852746", "OPENVAS:1361412562310852752", "OPENVAS:1361412562310852759", "OPENVAS:1361412562310852791", "OPENVAS:1361412562310852807", "OPENVAS:1361412562310852829", "OPENVAS:1361412562310852836", "OPENVAS:1361412562310852841", "OPENVAS:1361412562310852863", "OPENVAS:1361412562310852877", "OPENVAS:1361412562310852894", "OPENVAS:1361412562310852910", "OPENVAS:1361412562310852939", "OPENVAS:1361412562310852941", "OPENVAS:1361412562310852945", "OPENVAS:1361412562310852964", "OPENVAS:1361412562310852981", "OPENVAS:1361412562310853055", "OPENVAS:1361412562310853057", "OPENVAS:1361412562310853139", "OPENVAS:1361412562310853145", "OPENVAS:1361412562310853154", "OPENVAS:1361412562310876493", "OPENVAS:1361412562310876529", "OPENVAS:1361412562310876566", "OPENVAS:1361412562310876577", "OPENVAS:1361412562310876588", "OPENVAS:1361412562310876640", "OPENVAS:1361412562310876844", "OPENVAS:1361412562310876875", "OPENVAS:1361412562310876932", "OPENVAS:1361412562310876949", "OPENVAS:1361412562310876951", "OPENVAS:1361412562310876952", "OPENVAS:1361412562310876964", "OPENVAS:1361412562310877072", "OPENVAS:1361412562310877107", "OPENVAS:1361412562310877114", "OPENVAS:1361412562310877137", "OPENVAS:1361412562310877172", "OPENVAS:1361412562310877183", "OPENVAS:1361412562310877211", "OPENVAS:1361412562310877282", "OPENVAS:1361412562310877288", "OPENVAS:1361412562310877303", "OPENVAS:1361412562310877343", "OPENVAS:1361412562310877346", "OPENVAS:1361412562310877472", "OPENVAS:1361412562310877494", "OPENVAS:1361412562310877501", "OPENVAS:1361412562310877721", "OPENVAS:1361412562310877723", "OPENVAS:1361412562310877724", "OPENVAS:1361412562310877732", "OPENVAS:1361412562310877744", "OPENVAS:1361412562310877758", "OPENVAS:1361412562310877770", "OPENVAS:1361412562310877784", "OPENVAS:1361412562310877789", "OPENVAS:1361412562310883126", "OPENVAS:1361412562310891756", "OPENVAS:1361412562310891839", "OPENVAS:1361412562310891912", "OPENVAS:1361412562310891931", "OPENVAS:1361412562310891955", "OPENVAS:1361412562310891967", "OPENVAS:1361412562310891973", "OPENVAS:1361412562310891997", "OPENVAS:1361412562310892038", "OPENVAS:1361412562310892044", "OPENVAS:1361412562310892048", "OPENVAS:1361412562311220192115", "OPENVAS:1361412562311220192290", "OPENVAS:1361412562311220201117", "OPENVAS:1361412562311220201132", "OPENVAS:1361412562311220201145", "OPENVAS:1361412562311220201153", "OPENVAS:1361412562311220201159", "OPENVAS:1361412562311220201164", "OPENVAS:1361412562311220201165", "OPENVAS:1361412562311220201180", "OPENVAS:1361412562311220201212", "OPENVAS:1361412562311220201249", "OPENVAS:1361412562311220201332", "OPENVAS:1361412562311220201336", "OPENVAS:1361412562311220201344", "OPENVAS:1361412562311220201346", "OPENVAS:1361412562311220201358", "OPENVAS:1361412562311220201362", "OPENVAS:1361412562311220201364", "OPENVAS:1361412562311220201369", "OPENVAS:1361412562311220201516", "OPENVAS:1361412562311220201533", "OPENVAS:1361412562311220201558", "OPENVAS:1361412562311220201562", "OPENVAS:1361412562311220201569"]}, {"type": "openwrt", "idList": ["OPENWRT-SA-2020-12-09-1", "OPENWRT-SA-2021-01-19-1"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-3210", "ELSA-2019-3237", "ELSA-2020-4432", "ELSA-2020-4433", "ELSA-2020-4442", "ELSA-2020-4443", "ELSA-2020-4444", "ELSA-2020-4451", "ELSA-2020-4453", "ELSA-2020-4464", "ELSA-2020-4465", "ELSA-2020-4479", "ELSA-2020-4482", "ELSA-2020-4484", "ELSA-2020-4490", "ELSA-2020-4497", "ELSA-2020-4500", "ELSA-2020-4508", "ELSA-2020-4539", "ELSA-2020-4542", "ELSA-2020-4545", "ELSA-2020-4547", "ELSA-2020-4760", "ELSA-2020-4805", "ELSA-2020-4952", "ELSA-2020-5009", "ELSA-2020-5010", "ELSA-2020-5011", "ELSA-2020-5476", "ELSA-2020-5483", "ELSA-2020-5493", "ELSA-2020-5566-1", "ELSA-2020-5662", "ELSA-2020-5966", "ELSA-2021-0150", "ELSA-2021-0153", "ELSA-2021-0218", "ELSA-2021-0221", "ELSA-2021-0348", "ELSA-2021-0538", "ELSA-2021-0558", "ELSA-2021-0671", "ELSA-2021-0856", "ELSA-2021-1723", "ELSA-2021-9002", "ELSA-2021-9005", "ELSA-2021-9006", "ELSA-2021-9008", "ELSA-2021-9019", "ELSA-2021-9212"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:155112", "PACKETSTORM:156480", "PACKETSTORM:157378", "PACKETSTORM:160681", "PACKETSTORM:161160", "PACKETSTORM:161230", "PACKETSTORM:161270", "PACKETSTORM:161293"]}, {"type": "paloalto", "idList": ["PA-CVE-2021-3156"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0224", "PHSA-2019-1.0-0246", "PHSA-2019-1.0-0247", "PHSA-2019-1.0-0257", "PHSA-2019-2.0-0152", "PHSA-2019-2.0-0171", "PHSA-2019-2.0-0182", "PHSA-2019-2.0-0184", "PHSA-2019-2.0-0187", "PHSA-2019-2.0-0189", "PHSA-2019-2.0-0190", "PHSA-2019-3.0-0010", "PHSA-2019-3.0-0024", "PHSA-2019-3.0-0026", "PHSA-2019-3.0-0030", "PHSA-2019-3.0-0034", "PHSA-2019-3.0-0035", "PHSA-2019-3.0-0036", "PHSA-2019-3.0-0037", "PHSA-2020-0265", "PHSA-2020-0276", "PHSA-2020-0279", "PHSA-2020-0285", "PHSA-2020-0294", "PHSA-2020-0303", "PHSA-2020-1.0-0264", "PHSA-2020-1.0-0271", "PHSA-2020-1.0-0272", "PHSA-2020-1.0-0273", "PHSA-2020-1.0-0283", "PHSA-2020-1.0-0288", "PHSA-2020-1.0-0289", "PHSA-2020-1.0-0298", "PHSA-2020-1.0-0300", "PHSA-2020-1.0-0301", "PHSA-2020-1.0-0304", "PHSA-2020-1.0-0309", "PHSA-2020-1.0-0316", "PHSA-2020-1.0-0320", "PHSA-2020-1.0-0338", "PHSA-2020-1.0-0345", "PHSA-2020-1.0-0350", "PHSA-2020-2.0-0200", "PHSA-2020-2.0-0203", "PHSA-2020-2.0-0205", "PHSA-2020-2.0-0207", "PHSA-2020-2.0-0216", "PHSA-2020-2.0-0225", "PHSA-2020-2.0-0226", "PHSA-2020-2.0-0227", "PHSA-2020-2.0-0234", "PHSA-2020-2.0-0242", "PHSA-2020-2.0-0248", "PHSA-2020-2.0-0249", "PHSA-2020-2.0-0251", "PHSA-2020-2.0-0254", "PHSA-2020-2.0-0258", "PHSA-2020-2.0-0263", "PHSA-2020-2.0-0265", "PHSA-2020-2.0-0276", "PHSA-2020-2.0-0279", "PHSA-2020-2.0-0304", "PHSA-2020-3.0-0055", "PHSA-2020-3.0-0057", "PHSA-2020-3.0-0067", "PHSA-2020-3.0-0077", "PHSA-2020-3.0-0078", "PHSA-2020-3.0-0083", "PHSA-2020-3.0-0093", "PHSA-2020-3.0-0097", "PHSA-2020-3.0-0101", "PHSA-2020-3.0-0102", "PHSA-2020-3.0-0111", "PHSA-2020-3.0-0115", "PHSA-2020-3.0-0118", "PHSA-2020-3.0-0130", "PHSA-2020-3.0-0135", "PHSA-2020-3.0-0174", "PHSA-2020-3.0-0175", "PHSA-2021-0308", "PHSA-2021-0312", "PHSA-2021-0422", "PHSA-2021-1.0-0356", "PHSA-2021-1.0-0358", "PHSA-2021-1.0-0404", "PHSA-2021-2.0-0308", "PHSA-2021-2.0-0312", "PHSA-2021-2.0-0315", "PHSA-2021-2.0-0358", "PHSA-2021-3.0-0182", "PHSA-2021-3.0-0186", "PHSA-2021-3.0-0188", "PHSA-2021-3.0-0254", "PHSA-2021-3.0-0303", "PHSA-2021-4.0-0007", "PHSA-2021-4.0-0105"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:96DCE4C98C4BF0770916E3FFC1290807", "QUALYSBLOG:A341C9278C6DD389E0F263AE83CB5579"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:46A54401F6ED43B72F664A32EA043CB8", "RAPID7BLOG:8F65784C67333FC453D98DBB9FBEBA4C", "RAPID7BLOG:B7BFF90DF2218C3CFB5ABB1CFE63700E", "RAPID7BLOG:BCCD03F6B72FD7F9410FC063D6F16682", "RAPID7BLOG:CBB459355DA52AAEA21DDFD10D5B6FDB"]}, {"type": "redhat", "idList": ["RHSA-2020:3662", "RHSA-2020:4255", "RHSA-2020:5056", "RHSA-2020:5159", "RHSA-2020:5198", "RHSA-2020:5637", "RHSA-2021:0100", "RHSA-2021:0150", "RHSA-2021:0151", "RHSA-2021:0153", "RHSA-2021:0172", "RHSA-2021:0227", "RHSA-2021:0245", "RHSA-2021:0494", "RHSA-2021:0538", "RHSA-2021:0689", "RHSA-2021:0758", "RHSA-2021:0763", "RHSA-2021:0833", "RHSA-2021:0848", "RHSA-2021:0876", "RHSA-2021:0878", "RHSA-2021:0940", "RHSA-2021:1227", "RHSA-2021:1563", "RHSA-2021:2021", "RHSA-2021:2532"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-12321", "RH:CVE-2020-14351", "RH:CVE-2020-15999", "RH:CVE-2020-1971", "RH:CVE-2020-25681", "RH:CVE-2020-25682", "RH:CVE-2020-25683", "RH:CVE-2020-25685", "RH:CVE-2020-25686", "RH:CVE-2020-25687", "RH:CVE-2020-26160", "RH:CVE-2020-28362", "RH:CVE-2020-29652", "RH:CVE-2020-29661", "RH:CVE-2021-20206", "RH:CVE-2021-3121"]}, {"type": "slackware", "idList": ["SSA-2019-259-01", "SSA-2019-274-01", "SSA-2019-293-01", "SSA-2019-295-01", "SSA-2020-170-01", "SSA-2020-234-01", "SSA-2020-294-01", "SSA-2021-026-01", "SSA-2021-040-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1428-1", "OPENSUSE-SU-2019:1430-1", "OPENSUSE-SU-2019:1433-1", "OPENSUSE-SU-2019:1527-1", "OPENSUSE-SU-2019:1777-1", "OPENSUSE-SU-2019:1917-1", "OPENSUSE-SU-2019:2161-1", "OPENSUSE-SU-2019:2204-1", "OPENSUSE-SU-2019:2205-1", "OPENSUSE-SU-2019:2298-1", "OPENSUSE-SU-2019:2300-1", "OPENSUSE-SU-2019:2343-1", "OPENSUSE-SU-2019:2344-1", "OPENSUSE-SU-2019:2345-1", "OPENSUSE-SU-2019:2348-1", "OPENSUSE-SU-2019:2389-1", "OPENSUSE-SU-2019:2393-1", "OPENSUSE-SU-2019:2420-1", "OPENSUSE-SU-2019:2424-1", "OPENSUSE-SU-2019:2425-1", "OPENSUSE-SU-2019:2438-1", "OPENSUSE-SU-2019:2447-1", "OPENSUSE-SU-2019:2689-1", "OPENSUSE-SU-2020:0010-1", "OPENSUSE-SU-2020:0022-1", "OPENSUSE-SU-2020:0086-1", "OPENSUSE-SU-2020:0102-1", "OPENSUSE-SU-2020:0233-1", "OPENSUSE-SU-2020:0274-1", "OPENSUSE-SU-2020:0278-1", "OPENSUSE-SU-2020:0314-1", "OPENSUSE-SU-2020:0602-1", "OPENSUSE-SU-2020:0622-1", "OPENSUSE-SU-2020:0646-1", "OPENSUSE-SU-2020:1598-1", "OPENSUSE-SU-2020:1613-1", "OPENSUSE-SU-2020:1724-1", "OPENSUSE-SU-2020:1731-1", "OPENSUSE-SU-2020:1734-1", "OPENSUSE-SU-2020:1737-1", "OPENSUSE-SU-2020:1743-1", "OPENSUSE-SU-2020:1744-1"]}, {"type": "symantec", "idList": ["SMNTC-17570"]}, {"type": "talos", "idList": ["TALOS-2019-0777", "TALOS-2019-0943"]}, {"type": "talosblog", "idList": ["TALOSBLOG:22D0EBF21CDAA0E29A36871E0EFDE522", "TALOSBLOG:4F2418AF5C1720A82D8F44CFDADB99B9"]}, {"type": "thn", "idList": ["THN:1D059A29F13AF81A28C2D2770E5CD2E6", "THN:2C912D2A2005BA770BBD4A4975BD3518", "THN:5CFE6070F72F17DAC9AFD3A651C741D8", "THN:89153A67BADBEDB4D309DCACBFF2EA7F", "THN:AF0CBD71A7E1DCE8E508D374E0760687", "THN:BCD236457064C9D8673B1536BE370718"]}, {"type": "threatpost", "idList": ["THREATPOST:3A6A7F7256BF05AA048512CF2D064F7F", "THREATPOST:7EE6BCA3A1DEFF8B86DA40BBBB994643", "THREATPOST:8B647363122969148DB6173D5DA44833", "THREATPOST:D2398CA9B354449C8FCA1436DF9E5877", "THREATPOST:D48D061BB27415A9A171838BA457EB0E", "THREATPOST:F770D8B67D6B82405D9E85998887BDF3"]}, {"type": "ubuntu", "idList": ["USN-3947-1", "USN-3947-2", "USN-4040-1", "USN-4040-2", "USN-4132-1", "USN-4132-2", "USN-4151-1", "USN-4151-2", "USN-4164-1", "USN-4165-1", "USN-4202-2", "USN-4219-1", "USN-4221-1", "USN-4221-2", "USN-4236-1", "USN-4236-2", "USN-4281-1", "USN-4293-1", "USN-4298-1", "USN-4333-2", "USN-4336-1", "USN-4347-1", "USN-4349-1", "USN-4657-1", "USN-4658-1", "USN-4658-2", "USN-4659-1", "USN-4659-2", "USN-4660-1", "USN-4660-2", "USN-4662-1", "USN-4680-1", "USN-4698-1", "USN-4698-2", "USN-4705-1", "USN-4705-2", "USN-4745-1", "USN-4748-1", "USN-4749-1", "USN-4750-1", "USN-4751-1", "USN-4752-1", "USN-4754-3", "USN-4991-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-20206"]}, {"type": "virtuozzo", "idList": ["VZA-2021-004", "VZA-2021-005", "VZA-2021-006", "VZA-2021-008"]}, {"type": "zdi", "idList": ["ZDI-20-1372", "ZDI-20-144", "ZDI-20-672"]}, {"type": "zdt", "idList": ["1337DAY-ID-33452", "1337DAY-ID-34008"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2018-10103", "epss": 0.01245, "percentile": 0.83455, "modified": "2023-05-07"}, {"cve": "CVE-2018-10105", "epss": 0.01245, "percentile": 0.83455, "modified": "2023-05-07"}, {"cve": "CVE-2018-14461", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14462", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14463", "epss": 0.0028, "percentile": 0.63711, "modified": "2023-05-07"}, {"cve": "CVE-2018-14464", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14465", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14466", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14467", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14468", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14469", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14470", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14879", "epss": 0.0012, "percentile": 0.4476, "modified": "2023-05-07"}, {"cve": "CVE-2018-14880", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14881", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-14882", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-16227", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-16228", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-16229", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-16230", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-16300", "epss": 0.00785, "percentile": 0.78894, "modified": "2023-05-07"}, {"cve": "CVE-2018-16451", "epss": 0.00327, "percentile": 0.66419, "modified": "2023-05-07"}, {"cve": "CVE-2018-16452", "epss": 0.00785, "percentile": 0.78894, "modified": "2023-05-07"}, {"cve": "CVE-2018-20843", "epss": 0.91481, "percentile": 0.98365, "modified": "2023-05-07"}, {"cve": "CVE-2019-11068", "epss": 0.00197, "percentile": 0.56109, "modified": "2023-05-07"}, {"cve": "CVE-2019-13050", "epss": 0.00527, "percentile": 0.73567, "modified": "2023-05-07"}, {"cve": "CVE-2019-13627", "epss": 0.0019, "percentile": 0.5498, "modified": "2023-05-07"}, {"cve": "CVE-2019-14559", "epss": 0.0009, "percentile": 0.37021, "modified": "2023-05-07"}, {"cve": "CVE-2019-14889", "epss": 0.0069, "percentile": 0.77207, "modified": "2023-05-07"}, {"cve": "CVE-2019-15165", "epss": 0.00304, "percentile": 0.65176, "modified": "2023-05-07"}, {"cve": "CVE-2019-15166", "epss": 0.00518, "percentile": 0.73326, "modified": "2023-05-07"}, {"cve": "CVE-2019-15903", "epss": 0.00365, "percentile": 0.68253, "modified": "2023-05-07"}, {"cve": "CVE-2019-16168", "epss": 0.00523, "percentile": 0.73482, "modified": "2023-05-07"}, {"cve": "CVE-2019-16935", "epss": 0.00217, "percentile": 0.58222, "modified": "2023-05-07"}, {"cve": "CVE-2019-17450", "epss": 0.00625, "percentile": 0.75836, "modified": "2023-05-07"}, {"cve": "CVE-2019-18197", "epss": 0.00684, "percentile": 0.77101, "modified": "2023-05-07"}, {"cve": "CVE-2019-19221", "epss": 0.00076, "percentile": 0.30699, "modified": "2023-05-07"}, {"cve": "CVE-2019-19906", "epss": 0.00196, "percentile": 0.55965, "modified": "2023-05-07"}, {"cve": "CVE-2019-19956", "epss": 0.00548, "percentile": 0.7407, "modified": "2023-05-07"}, {"cve": "CVE-2019-20218", "epss": 0.00535, "percentile": 0.73754, "modified": "2023-05-07"}, {"cve": "CVE-2019-20387", "epss": 0.00132, "percentile": 0.46886, "modified": "2023-05-07"}, {"cve": "CVE-2019-20388", "epss": 0.01001, "percentile": 0.81407, "modified": "2023-05-07"}, {"cve": "CVE-2019-20454", "epss": 0.00276, "percentile": 0.63437, "modified": "2023-05-07"}, {"cve": "CVE-2019-20807", "epss": 0.00048, "percentile": 0.14719, "modified": "2023-05-07"}, {"cve": "CVE-2019-20907", "epss": 0.00565, "percentile": 0.74483, "modified": "2023-05-07"}, {"cve": "CVE-2019-20916", "epss": 0.00202, "percentile": 0.56718, "modified": "2023-05-07"}, {"cve": "CVE-2019-5018", "epss": 0.11198, "percentile": 0.94294, "modified": "2023-05-07"}, {"cve": "CVE-2019-8625", "epss": 0.00096, "percentile": 0.38955, "modified": "2023-05-07"}, {"cve": "CVE-2019-8710", "epss": 0.00306, "percentile": 0.65334, "modified": "2023-05-07"}, {"cve": "CVE-2019-8720", "epss": 0.00455, "percentile": 0.71531, "modified": "2023-05-07"}, {"cve": "CVE-2019-8743", "epss": 0.00306, "percentile": 0.65334, "modified": "2023-05-07"}, {"cve": "CVE-2019-8764", "epss": 0.00217, "percentile": 0.58219, "modified": "2023-05-07"}, {"cve": "CVE-2019-8766", "epss": 0.00395, "percentile": 0.69483, "modified": "2023-05-07"}, {"cve": "CVE-2019-8769", "epss": 0.00076, "percentile": 0.30711, "modified": "2023-05-07"}, {"cve": "CVE-2019-8771", "epss": 0.00078, "percentile": 0.31743, "modified": "2023-05-07"}, {"cve": "CVE-2019-8782", "epss": 0.00533, "percentile": 0.73703, "modified": "2023-05-07"}, {"cve": "CVE-2019-8783", "epss": 0.01347, "percentile": 0.84117, "modified": "2023-05-07"}, {"cve": "CVE-2019-8808", "epss": 0.00533, "percentile": 0.73703, "modified": "2023-05-07"}, {"cve": "CVE-2019-8811", "epss": 0.00735, "percentile": 0.78062, "modified": "2023-05-07"}, {"cve": "CVE-2019-8812", "epss": 0.00533, "percentile": 0.73703, "modified": "2023-05-07"}, {"cve": "CVE-2019-8813", "epss": 0.00163, "percentile": 0.51528, "modified": "2023-05-07"}, {"cve": "CVE-2019-8814", "epss": 0.00539, "percentile": 0.73859, "modified": "2023-05-07"}, {"cve": "CVE-2019-8815", "epss": 0.00539, "percentile": 0.73859, "modified": "2023-05-07"}, {"cve": "CVE-2019-8816", "epss": 0.0059, "percentile": 0.75071, "modified": "2023-05-07"}, {"cve": "CVE-2019-8819", "epss": 0.01347, "percentile": 0.84117, "modified": "2023-05-07"}, {"cve": "CVE-2019-8820", "epss": 0.76572, "percentile": 0.97682, "modified": "2023-05-07"}, {"cve": "CVE-2019-8823", "epss": 0.01347, "percentile": 0.84117, "modified": "2023-05-07"}, {"cve": "CVE-2019-8835", "epss": 0.00321, "percentile": 0.66184, "modified": "2023-05-07"}, {"cve": "CVE-2019-8844", "epss": 0.00712, "percentile": 0.77608, "modified": "2023-05-07"}, {"cve": "CVE-2019-8846", "epss": 0.00338, "percentile": 0.6701, "modified": "2023-05-07"}, {"cve": "CVE-2020-10018", "epss": 0.00828, "percentile": 0.79548, "modified": "2023-05-07"}, {"cve": "CVE-2020-10029", "epss": 0.00063, "percentile": 0.24942, "modified": "2023-05-07"}, {"cve": "CVE-2020-11793", "epss": 0.01336, "percentile": 0.84024, "modified": "2023-05-07"}, {"cve": "CVE-2020-12321", "epss": 0.00062, "percentile": 0.24208, "modified": "2023-05-07"}, {"cve": "CVE-2020-12400", "epss": 0.00045, "percentile": 0.12227, "modified": "2023-05-07"}, {"cve": "CVE-2020-12403", "epss": 0.00143, "percentile": 0.48682, "modified": "2023-05-07"}, {"cve": "CVE-2020-13630", "epss": 0.00066, "percentile": 0.26966, "modified": "2023-05-07"}, {"cve": "CVE-2020-13631", "epss": 0.00052, "percentile": 0.18179, "modified": "2023-05-07"}, {"cve": "CVE-2020-13632", "epss": 0.00045, "percentile": 0.12687, "modified": "2023-05-07"}, {"cve": "CVE-2020-14040", "epss": 0.00105, "percentile": 0.41528, "modified": "2023-05-07"}, {"cve": "CVE-2020-14351", "epss": 0.00092, "percentile": 0.37989, "modified": "2023-05-07"}, {"cve": "CVE-2020-14382", "epss": 0.0008, "percentile": 0.32698, "modified": "2023-05-07"}, {"cve": "CVE-2020-14391", "epss": 0.00042, "percentile": 0.05667, "modified": "2023-05-07"}, {"cve": "CVE-2020-14422", "epss": 0.01257, "percentile": 0.83536, "modified": "2023-05-07"}, {"cve": "CVE-2020-15503", "epss": 0.00708, "percentile": 0.7756, "modified": "2023-05-07"}, {"cve": "CVE-2020-15586", "epss": 0.00337, "percentile": 0.66961, "modified": "2023-05-07"}, {"cve": "CVE-2020-15999", "epss": 0.08862, "percentile": 0.93605, "modified": "2023-05-07"}, {"cve": "CVE-2020-16845", "epss": 0.00337, "percentile": 0.66961, "modified": "2023-05-07"}, {"cve": "CVE-2020-1730", "epss": 0.00443, "percentile": 0.71132, "modified": "2023-05-07"}, {"cve": "CVE-2020-1751", "epss": 0.00045, "percentile": 0.121, "modified": "2023-05-07"}, {"cve": "CVE-2020-1752", "epss": 0.00099, "percentile": 0.39659, "modified": "2023-05-07"}, {"cve": "CVE-2020-1971", "epss": 0.00318, "percentile": 0.65964, "modified": "2023-05-07"}, {"cve": "CVE-2020-24659", "epss": 0.00466, "percentile": 0.71845, "modified": "2023-05-07"}, {"cve": "CVE-2020-25681", "epss": 0.4619, "percentile": 0.96865, "modified": "2023-05-07"}, {"cve": "CVE-2020-25682", "epss": 0.28679, "percentile": 0.96215, "modified": "2023-05-07"}, {"cve": "CVE-2020-25683", "epss": 0.23975, "percentile": 0.95876, "modified": "2023-05-07"}, {"cve": "CVE-2020-25684", "epss": 0.00297, "percentile": 0.64786, "modified": "2023-05-07"}, {"cve": "CVE-2020-25685", "epss": 0.00119, "percentile": 0.44568, "modified": "2023-05-07"}, {"cve": "CVE-2020-25686", "epss": 0.00175, "percentile": 0.53192, "modified": "2023-05-07"}, {"cve": "CVE-2020-25687", "epss": 0.23975, "percentile": 0.95876, "modified": "2023-05-07"}, {"cve": "CVE-2020-25705", "epss": 0.00275, "percentile": 0.6335, "modified": "2023-05-07"}, {"cve": "CVE-2020-26160", "epss": 0.00175, "percentile": 0.5316, "modified": "2023-05-07"}, {"cve": "CVE-2020-27813", "epss": 0.00131, "percentile": 0.46601, "modified": "2023-05-07"}, {"cve": "CVE-2020-28362", "epss": 0.00365, "percentile": 0.68235, "modified": "2023-05-07"}, {"cve": "CVE-2020-29652", "epss": 0.00578, "percentile": 0.74827, "modified": "2023-05-07"}, {"cve": "CVE-2020-29661", "epss": 0.00046, "percentile": 0.12753, "modified": "2023-05-07"}, {"cve": "CVE-2020-3862", "epss": 0.00168, "percentile": 0.52178, "modified": "2023-05-07"}, {"cve": "CVE-2020-3864", "epss": 0.00045, "percentile": 0.121, "modified": "2023-05-07"}, {"cve": "CVE-2020-3865", "epss": 0.00338, "percentile": 0.67027, "modified": "2023-05-07"}, {"cve": "CVE-2020-3867", "epss": 0.00159, "percentile": 0.51057, "modified": "2023-05-07"}, {"cve": "CVE-2020-3868", "epss": 0.00255, "percentile": 0.61886, "modified": "2023-05-07"}, {"cve": "CVE-2020-3885", "epss": 0.00216, "percentile": 0.5811, "modified": "2023-05-07"}, {"cve": "CVE-2020-3894", "epss": 0.02025, "percentile": 0.87197, "modified": "2023-05-07"}, {"cve": "CVE-2020-3895", "epss": 0.00901, "percentile": 0.80394, "modified": "2023-05-07"}, {"cve": "CVE-2020-3897", "epss": 0.01319, "percentile": 0.83933, "modified": "2023-05-07"}, {"cve": "CVE-2020-3899", "epss": 0.00982, "percentile": 0.81225, "modified": "2023-05-07"}, {"cve": "CVE-2020-3900", "epss": 0.00901, "percentile": 0.80394, "modified": "2023-05-07"}, {"cve": "CVE-2020-3901", "epss": 0.0089, "percentile": 0.80277, "modified": "2023-05-07"}, {"cve": "CVE-2020-3902", "epss": 0.00574, "percentile": 0.74686, "modified": "2023-05-07"}, {"cve": "CVE-2020-6405", "epss": 0.00501, "percentile": 0.72888, "modified": "2023-05-07"}, {"cve": "CVE-2020-6829", "epss": 0.00099, "percentile": 0.39851, "modified": "2023-05-07"}, {"cve": "CVE-2020-7595", "epss": 0.00484, "percentile": 0.72402, "modified": "2023-05-07"}, {"cve": "CVE-2020-8492", "epss": 0.00273, "percentile": 0.63212, "modified": "2023-05-07"}, {"cve": "CVE-2020-8619", "epss": 0.00591, "percentile": 0.751, "modified": "2023-05-07"}, {"cve": "CVE-2020-8622", "epss": 0.00425, "percentile": 0.70533, "modified": "2023-05-07"}, {"cve": "CVE-2020-8623", "epss": 0.01498, "percentile": 0.84896, "modified": "2023-05-07"}, {"cve": "CVE-2020-8624", "epss": 0.00343, "percentile": 0.67222, "modified": "2023-05-07"}, {"cve": "CVE-2020-9283", "epss": 0.05131, "percentile": 0.91743, "modified": "2023-05-07"}, {"cve": "CVE-2020-9327", "epss": 0.00817, "percentile": 0.79397, "modified": "2023-05-07"}, {"cve": "CVE-2020-9802", "epss": 0.57557, "percentile": 0.97159, "modified": "2023-05-07"}, {"cve": "CVE-2020-9803", "epss": 0.00636, "percentile": 0.76035, "modified": "2023-05-07"}, {"cve": "CVE-2020-9805", "epss": 0.00302, "percentile": 0.65036, "modified": "2023-05-07"}, {"cve": "CVE-2020-9806", "epss": 0.00639, "percentile": 0.76147, "modified": "2023-05-07"}, {"cve": "CVE-2020-9807", "epss": 0.00639, "percentile": 0.76147, "modified": "2023-05-07"}, {"cve": "CVE-2020-9843", "epss": 0.0033, "percentile": 0.66688, "modified": "2023-05-07"}, {"cve": "CVE-2020-9850", "epss": 0.4265, "percentile": 0.96768, "modified": "2023-05-07"}, {"cve": "CVE-2020-9862", "epss": 0.00116, "percentile": 0.44017, "modified": "2023-05-07"}, {"cve": "CVE-2020-9893", "epss": 0.00989, "percentile": 0.81298, "modified": "2023-05-07"}, {"cve": "CVE-2020-9894", "epss": 0.00351, "percentile": 0.67666, "modified": "2023-05-07"}, {"cve": "CVE-2020-9895", "epss": 0.01934, "percentile": 0.86867, "modified": "2023-05-07"}, {"cve": "CVE-2020-9915", "epss": 0.00196, "percentile": 0.56038, "modified": "2023-05-07"}, {"cve": "CVE-2020-9925", "epss": 0.00234, "percentile": 0.59955, "modified": "2023-05-07"}, {"cve": "CVE-2021-20206", "epss": 0.00116, "percentile": 0.44029, "modified": "2023-05-07"}, {"cve": "CVE-2021-3121", "epss": 0.0037, "percentile": 0.68507, "modified": "2023-05-07"}, {"cve": "CVE-2021-3156", "epss": 0.94383, "percentile": 0.98747, "modified": "2023-05-07"}], "vulnersScore": 8.3}, "_state": {"dependencies": 1701637463, "score": 1701636225, "epss": 0}, "_internal": {"score_hash": "98b3ae0027c123443339b95a6747b5f5"}, "affectedPackage": [], "vendorCvss": {"severity": "moderate"}}

{"redhat": [{"lastseen": "2023-12-03T20:41:19", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThe compliance-operator image updates are now available for OpenShift Container Platform 4.6.\n\nThis advisory provides the following updates among others:\n\n* Enhances profile parsing time.\n* Fixes excessive resource consumption from the Operator.\n* Fixes default content image.\n* Fixes outdated remediation handling.\n\nSecurity Fix(es):\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-16T13:11:07", "type": "redhat", "title": "(RHSA-2021:0436) Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20843", "CVE-2019-11068", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-1551", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-18197", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20386", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20807", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-11793", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15503", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24659", "CVE-2020-28362", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-8177", "CVE-2020-8492", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2021-02-16T13:11:50", "id": "RHSA-2021:0436", "href": "https://access.redhat.com/errata/RHSA-2021:0436", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-04T15:03:02", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\nThe compliance-operator image updates are now available for OpenShift Container Platform 4.6.\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Aggregator pod tries to parse ConfigMaps without results (BZ#1899479)\n\n* The compliancesuite object returns error with ocp4-cis tailored profile (BZ#1902251)\n\n* The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object (BZ#1902634)\n\n* [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object (BZ#1907414)\n\n* The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator (BZ#1908991)\n\n* Applying the \"rhcos4-moderate\" compliance profile leads to Ignition error \"something else exists at that path\" (BZ#1909081)\n\n* [OCP v46] Always update the default profilebundles on Compliance operator startup (BZ#1909122)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-19T13:29:21", "type": "redhat", "title": "(RHSA-2021:0190) Moderate: OpenShift Container Platform 4.6 compliance-operator security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20843", "CVE-2019-11068", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-1551", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-18197", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20807", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-11793", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15503", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24659", "CVE-2020-27813", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-8177", "CVE-2020-8492", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2021-01-19T13:35:34", "id": "RHSA-2021:0190", "href": "https://access.redhat.com/errata/RHSA-2021:0190", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-04T15:03:02", "description": "This release of Red Hat Quay v3.3.3 includes:\n\nSecurity Update(s):\n\n* quay: persistent XSS in repository notification display (CVE-2020-27832)\n\n* quay: email notifications authorization bypass (CVE-2020-27831)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nBug Fix(es):\n* NVD feed fixed in Clair-v2 (clair-jwt image)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-11T07:29:40", "type": "redhat", "title": "(RHSA-2021:0050) Moderate: Red Hat Quay v3.3.3 bug fix and security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20843", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20807", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-11793", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15503", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24659", "CVE-2020-27831", "CVE-2020-27832", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-8492", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2021-01-11T07:30:20", "id": "RHSA-2021:0050", "href": "https://access.redhat.com/errata/RHSA-2021:0050", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-04T15:03:02", "description": "Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API.\n\nThese updated images include numerous security fixes, bug fixes, and enhancements. \n\nSecurity Fix(es):\n\n* nodejs-node-forge: prototype pollution via the util.setPath function (CVE-2020-7720)\n\n* nodejs-json-bigint: Prototype pollution via `__proto__` assignment could result in DoS (CVE-2020-8237)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nUsers are directed to the Red Hat OpenShift Container Storage Release Notes for information on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.6/html/4.6_release_notes/index\n\nAll Red Hat OpenShift Container Storage users are advised to upgrade to\nthese updated images.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-17T05:33:21", "type": "redhat", "title": "(RHSA-2020:5605) Moderate: Red Hat OpenShift Container Storage 4.6.0 security, bug fix, enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-20843", "CVE-2019-11068", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-1551", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-18197", "CVE-2019-18609", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20807", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-11793", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14019", "CVE-2020-14040", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15503", "CVE-2020-15586", "CVE-2020-16845", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-25660", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-7720", "CVE-2020-8177", "CVE-2020-8237", "CVE-2020-8492", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2020-12-17T05:36:03", "id": "RHSA-2020:5605", "href": "https://access.redhat.com/errata/RHSA-2020:5605", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-04T18:42:04", "description": "The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.\n\nThe following packages have been upgraded to a later upstream version: tcpdump (4.9.3). (BZ#1804063)\n\nSecurity Fix(es):\n\n* tcpdump: SMB data printing mishandled (CVE-2018-10103)\n\n* tcpdump: SMB data printing mishandled (CVE-2018-10105)\n\n* tcpdump: Out of bounds read/write in get_next_file() in tcpdump.c (CVE-2018-14879)\n\n* tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461)\n\n* tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462)\n\n* tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463)\n\n* tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464)\n\n* tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465)\n\n* tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)\n\n* tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467)\n\n* tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468)\n\n* tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469)\n\n* tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470)\n\n* tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880)\n\n* tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881)\n\n* tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882)\n\n* tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)\n\n* tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228)\n\n* tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229)\n\n* tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230)\n\n* tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300)\n\n* tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451)\n\n* tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452)\n\n* tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-03T12:33:49", "type": "redhat", "title": "(RHSA-2020:4760) Moderate: tcpdump security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2020-11-04T00:05:56", "id": "RHSA-2020:4760", "href": "https://access.redhat.com/errata/RHSA-2020:4760", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-04T18:42:04", "description": "GNOME is the default desktop environment of Red Hat Enterprise Linux.\n\nThe following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)\n\nSecurity Fix(es):\n\n* webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)\n\n* gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n* LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-03T12:05:56", "type": "redhat", "title": "(RHSA-2020:4451) Moderate: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2020-9952", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2021-09-01T23:22:29", "id": "RHSA-2020:4451", "href": "https://access.redhat.com/errata/RHSA-2020:4451", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-04T15:03:02", "description": "Red Hat OpenShift Serverless 1.12.0 is a generally available release of the\nOpenShift Serverless Operator. \n\nThis version of the OpenShift Serverless\nOperator is supported on Red Hat OpenShift Container Platform version 4.6, and includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section.\n\nSecurity Fix(es):\n\n* golang: default Content-Type setting in net/http/cgi and net/http/fcgi could cause XSS (CVE-2020-24553)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\n* golang: malicious symbol names can lead to code execution at build time (CVE-2020-28366)\n\n* golang: improper validation of cgo flags can lead to code execution at build time (CVE-2020-28367)\n\nFor more details about the security issues and their impact, the CVSS\nscore, acknowledgements, and other related information, see the CVE pages\nlisted in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-01-14T13:24:22", "type": "redhat", "title": "(RHSA-2021:0146) Moderate: Release of OpenShift Serverless 1.12.0", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20843", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-5018", "CVE-2020-10029", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24553", "CVE-2020-24659", "CVE-2020-28362", "CVE-2020-28366", "CVE-2020-28367", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-9327"], "modified": "2021-01-14T13:26:31", "id": "RHSA-2021:0146", "href": "https://access.redhat.com/errata/RHSA-2021:0146", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-04T15:03:02", "description": "Red Hat OpenShift Serverless 1.11.0 is a generally available release of the\nOpenShift Serverless Operator. This version of the OpenShift Serverless\nOperator is supported on Red Hat OpenShift Container Platform version 4.6.\n\nSecurity Fix(es): \n * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, and other related information, see the CVE page(s) listed in the\nReferences section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-11-18T13:59:56", "type": "redhat", "title": "(RHSA-2020:5149) Moderate: Release of OpenShift Serverless 1.11.0", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20843", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-1551", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2020-10029", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14040", "CVE-2020-14422", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-8177", "CVE-2020-8492", "CVE-2020-9327"], "modified": "2020-11-18T14:03:42", "id": "RHSA-2020:5149", "href": "https://access.redhat.com/errata/RHSA-2020:5149", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-03T20:41:19", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the extra low-latency container images for Red Hat\nOpenShift Container Platform 4.7. See the following advisory for the\ncontainer images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2020:5633\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Configuring the system with non-RT kernel will hang the system (BZ#1923220)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-02-24T18:09:49", "type": "redhat", "title": "(RHSA-2020:5364) Moderate: OpenShift Container Platform 4.7 low-latency extras security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20843", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2020-10029", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10725", "CVE-2020-10726", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14382", "CVE-2020-14422", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24659", "CVE-2020-25211", "CVE-2020-27813", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-8492", "CVE-2020-9327"], "modified": "2021-02-24T18:10:31", "id": "RHSA-2020:5364", "href": "https://access.redhat.com/errata/RHSA-2020:5364", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-03T20:41:19", "description": "Red Hat OpenShift Serverless 1.10.2 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5.\n\nSecurity Fix(es):\n\n* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)\n\n* golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2021-05-19T02:03:59", "type": "redhat", "title": "(RHSA-2021:2021) Moderate: Release of OpenShift Serverless 1.10.2 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000858", "CVE-2018-20843", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14422", "CVE-2020-1730", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-8492", "CVE-2020-9327", "CVE-2021-20305", "CVE-2021-3114", "CVE-2021-3115", "CVE-2021-3449", "CVE-2021-3450"], "modified": "2021-05-19T02:04:48", "id": "RHSA-2021:2021", "href": "https://access.redhat.com/errata/RHSA-2021:2021", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-12-03T20:41:24", "description": "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-19T12:37:10", "type": "redhat", "title": "(RHSA-2021:0150) Important: dnsmasq security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687"], "modified": "2021-01-19T12:56:01", "id": "RHSA-2021:0150", "href": "https://access.redhat.com/errata/RHSA-2021:0150", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-12-04T18:42:04", "description": "SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.\n\nSecurity Fix(es):\n\n* sqlite: Use-after-free in window function leading to remote code execution (CVE-2019-5018)\n\n* sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c (CVE-2019-16168)\n\n* sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (CVE-2019-20218)\n\n* sqlite: Out-of-bounds read in SELECT with ON/USING clause (CVE-2020-6405)\n\n* sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations (CVE-2020-9327)\n\n* sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c (CVE-2020-13630)\n\n* sqlite: Virtual table can be renamed into the name of one of its shadow tables (CVE-2020-13631)\n\n* sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query (CVE-2020-13632)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-03T12:04:56", "type": "redhat", "title": "(RHSA-2020:4442) Moderate: sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16168", "CVE-2019-20218", "CVE-2019-5018", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-6405", "CVE-2020-9327"], "modified": "2020-11-04T00:02:41", "id": "RHSA-2020:4442", "href": "https://access.redhat.com/errata/RHSA-2020:4442", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-12-03T20:41:24", "description": "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-19T12:36:51", "type": "redhat", "title": "(RHSA-2021:0152) Important: dnsmasq security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687"], "modified": "2021-01-19T12:56:03", "id": "RHSA-2021:0152", "href": "https://access.redhat.com/errata/RHSA-2021:0152", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-12-03T20:41:24", "description": "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-01-19T12:36:50", "type": "redhat", "title": "(RHSA-2021:0151) Important: dnsmasq security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 8.5, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687"], "modified": "2021-01-19T13:05:07", "id": "RHSA-2021:0151", "href": "https://access.redhat.com/errata/RHSA-2021:0151", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2023-12-03T20:41:19", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.0. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2020:5634\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64\n\nThe image digest is sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-s390x\n\nThe image digest is sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le\n\nThe image digest is sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.\n\nSecurity Fix(es):\n\n* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)\n\n* kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider (CVE-2020-8563)\n\n* containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\n* heketi: gluster-block volume password details available in logs (CVE-2020-10763)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2021-02-24T14:49:26", "type": "redhat", "title": "(RHSA-2020:5633) Moderate: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14553", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-20843", "CVE-2019-11068", "CVE-2019-12614", "CVE-2019-13050", "CVE-2019-13225", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-15903", "CVE-2019-15917", "CVE-2019-15925", "CVE-2019-16167", "CVE-2019-16168", "CVE-2019-16231", "CVE-2019-16233", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-17546", "CVE-2019-18197", "CVE-2019-18808", "CVE-2019-18809", "CVE-2019-19046", "CVE-2019-19056", "CVE-2019-19062", "CVE-2019-19063", "CVE-2019-19068", "CVE-2019-19072", "CVE-2019-19221", "CVE-2019-19319", "CVE-2019-19332", "CVE-2019-19447", "CVE-2019-19524", "CVE-2019-19533", "CVE-2019-19537", "CVE-2019-19543", "CVE-2019-19602", "CVE-2019-19767", "CVE-2019-19770", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20054", "CVE-2019-20218", "CVE-2019-20386", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20636", "CVE-2019-20807", "CVE-2019-20812", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-3884", "CVE-2019-5018", "CVE-2019-6977", "CVE-2019-6978", "CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2019-9455", "CVE-2019-9458", "CVE-2020-0305", "CVE-2020-0444", "CVE-2020-10018", "CVE-2020-10029", "CVE-2020-10732", "CVE-2020-10749", "CVE-2020-10751", "CVE-2020-10763", "CVE-2020-10773", "CVE-2020-10774", "CVE-2020-10942", "CVE-2020-11565", "CVE-2020-11668", "CVE-2020-11793", "CVE-2020-12465", "CVE-2020-12655", "CVE-2020-12659", "CVE-2020-12770", "CVE-2020-12826", "CVE-2020-13249", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14019", "CVE-2020-14040", "CVE-2020-14381", "CVE-2020-14382", "CVE-2020-14391", "CVE-2020-14422", "CVE-2020-15157", "CVE-2020-15503", "CVE-2020-15862", "CVE-2020-15999", "CVE-2020-16166", "CVE-2020-1716", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24490", "CVE-2020-24659", "CVE-2020-25211", "CVE-2020-25641", "CVE-2020-25658", "CVE-2020-25661", "CVE-2020-25662", "CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687", "CVE-2020-25694", "CVE-2020-25696", "CVE-2020-2574", "CVE-2020-26160", "CVE-2020-2752", "CVE-2020-27813", "CVE-2020-27846", "CVE-2020-28362", "CVE-2020-2922", "CVE-2020-29652", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3898", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-7774", "CVE-2020-8177", "CVE-2020-8492", "CVE-2020-8563", "CVE-2020-8566", "CVE-2020-8619", "CVE-2020-8622", "CVE-2020-8623", "CVE-2020-8624", "CVE-2020-8647", "CVE-2020-8648", "CVE-2020-8649", "CVE-2020-9327", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2021-2007", "CVE-2021-26539", "CVE-2021-3121"], "modified": "2021-03-02T01:56:45", "id": "RHSA-2020:5633", "href": "https://access.redhat.com/errata/RHSA-2020:5633", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "almalinux": [{"lastseen": "2023-12-03T17:28:39", "description": "GNOME is the default desktop environment of AlmaLinux.\n\nThe following packages have been upgraded to a later upstream version: gnome-remote-desktop (0.1.8), pipewire (0.3.6), vte291 (0.52.4), webkit2gtk3 (2.28.4), xdg-desktop-portal (1.6.0), xdg-desktop-portal-gtk (1.6.0). (BZ#1775345, BZ#1779691, BZ#1817143, BZ#1832347, BZ#1837406)\n\nSecurity Fix(es):\n\n* webkitgtk: Multiple security issues (CVE-2019-8625, CVE-2019-8710, CVE-2019-8720, CVE-2019-8743, CVE-2019-8764, CVE-2019-8766, CVE-2019-8769, CVE-2019-8771, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8813, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2019-8835, CVE-2019-8844, CVE-2019-8846, CVE-2020-3862, CVE-2020-3864, CVE-2020-3865, CVE-2020-3867, CVE-2020-3868, CVE-2020-3885, CVE-2020-3894, CVE-2020-3895, CVE-2020-3897, CVE-2020-3899, CVE-2020-3900, CVE-2020-3901, CVE-2020-3902, CVE-2020-9802, CVE-2020-9803, CVE-2020-9805, CVE-2020-9806, CVE-2020-9807, CVE-2020-9843, CVE-2020-9850, CVE-2020-9862, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, CVE-2020-9925, CVE-2020-10018, CVE-2020-11793)\n\n* gnome-settings-daemon: AlmaLinux Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n* LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-03T12:05:56", "type": "almalinux", "title": "Moderate: GNOME security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2021-11-12T10:20:56", "id": "ALSA-2020:4451", "href": "https://errata.almalinux.org/8/ALSA-2020-4451.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-11T15:48:29", "description": "The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.\n\nThe following packages have been upgraded to a later upstream version: tcpdump (4.9.3). (BZ#1804063)\n\nSecurity Fix(es):\n\n* tcpdump: SMB data printing mishandled (CVE-2018-10103)\n\n* tcpdump: SMB data printing mishandled (CVE-2018-10105)\n\n* tcpdump: Out of bounds read/write in get_next_file() in tcpdump.c (CVE-2018-14879)\n\n* tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461)\n\n* tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462)\n\n* tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463)\n\n* tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464)\n\n* tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465)\n\n* tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)\n\n* tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467)\n\n* tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468)\n\n* tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469)\n\n* tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470)\n\n* tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880)\n\n* tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881)\n\n* tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882)\n\n* tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)\n\n* tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228)\n\n* tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229)\n\n* tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230)\n\n* tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300)\n\n* tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451)\n\n* tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452)\n\n* tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-03T12:33:49", "type": "almalinux", "title": "Moderate: tcpdump security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-08-11T13:42:14", "id": "ALSA-2020:4760", "href": "https://errata.almalinux.org/8/ALSA-2020-4760.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-11T15:48:34", "description": "The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol) server.\n\nSecurity Fix(es):\n\n* dnsmasq: heap-based buffer overflow in sort_rrset() when DNSSEC is enabled (CVE-2020-25681)\n\n* dnsmasq: buffer overflow in extract_name() due to missing length check when DNSSEC is enabled (CVE-2020-25682)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled (CVE-2020-25683)\n\n* dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684)\n\n* dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685)\n\n* dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686)\n\n* dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled (CVE-2020-25687)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-19T12:37:10", "type": "almalinux", "title": "Important: dnsmasq security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "COMPLETE", "integrityImpact": "PARTIAL", "baseScore": 8.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 8.5, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-25681", "CVE-2020-25682", "CVE-2020-25683", "CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686", "CVE-2020-25687"], "modified": "2021-08-11T13:42:14", "id": "ALSA-2021:0150", "href": "https://errata.almalinux.org/8/ALSA-2021-0150.html", "cvss": {"score": 8.3, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:C"}}, {"lastseen": "2021-11-12T15:49:57", "description": "SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.\n\nSecurity Fix(es):\n\n* sqlite: Use-after-free in window function leading to remote code execution (CVE-2019-5018)\n\n* sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c (CVE-2019-16168)\n\n* sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error (CVE-2019-20218)\n\n* sqlite: Out-of-bounds read in SELECT with ON/USING clause (CVE-2020-6405)\n\n* sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations (CVE-2020-9327)\n\n* sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c (CVE-2020-13630)\n\n* sqlite: Virtual table can be renamed into the name of one of its shadow tables (CVE-2020-13631)\n\n* sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query (CVE-2020-13632)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-11-03T12:04:56", "type": "almalinux", "title": "Moderate: sqlite security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-16168", "CVE-2019-20218", "CVE-2019-5018", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-6405", "CVE-2020-9327"], "modified": "2021-08-11T08:41:45", "id": "ALSA-2020:4442", "href": "https://errata.almalinux.org/8/ALSA-2020-4442.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-06-27T14:16:36", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710, CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806, CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893, CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : GNOME (CESA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:libraw", "p-cpe:/a:centos:centos:libraw-devel", "p-cpe:/a:centos:centos:gnome-settings-daemon", "p-cpe:/a:centos:centos:webkit2gtk3", "p-cpe:/a:centos:centos:webkit2gtk3-devel", "p-cpe:/a:centos:centos:webkit2gtk3-jsc", "p-cpe:/a:centos:centos:webkit2gtk3-jsc-devel"], "id": "CENTOS8_RHSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/145826", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:4451. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145826);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\"\n );\n script_xref(name:\"RHSA\", value:\"2020:4451\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"CentOS 8 : GNOME (CESA-2020:4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625,\n CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710,\n CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812,\n CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835,\n CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when\n user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806,\n CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893,\n CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution\n (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4451\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:webkit2gtk3-jsc-devel\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / gnome-settings-daemon / webkit2gtk3 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-27T14:22:20", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4451 advisory.\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : GNOME (ELSA-2020-4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2022-05-25T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:libraw", "p-cpe:/a:oracle:linux:libraw-devel", "p-cpe:/a:oracle:linux:packagekit", "p-cpe:/a:oracle:linux:packagekit-command-not-found", "p-cpe:/a:oracle:linux:packagekit-cron", "p-cpe:/a:oracle:linux:packagekit-glib", "p-cpe:/a:oracle:linux:packagekit-glib-devel", "p-cpe:/a:oracle:linux:packagekit-gstreamer-plugin", "p-cpe:/a:oracle:linux:packagekit-gtk3-module", "p-cpe:/a:oracle:linux:dleyna-renderer", "p-cpe:/a:oracle:linux:frei0r-devel", "p-cpe:/a:oracle:linux:frei0r-plugins", "p-cpe:/a:oracle:linux:frei0r-plugins-opencv", "p-cpe:/a:oracle:linux:gdm", "p-cpe:/a:oracle:linux:gnome-classic-session", "p-cpe:/a:oracle:linux:gnome-control-center", "p-cpe:/a:oracle:linux:gnome-control-center-filesystem", "p-cpe:/a:oracle:linux:gnome-photos", "p-cpe:/a:oracle:linux:gnome-photos-tests", "p-cpe:/a:oracle:linux:gnome-remote-desktop", "p-cpe:/a:oracle:linux:gnome-session", "p-cpe:/a:oracle:linux:gnome-session-wayland-session", "p-cpe:/a:oracle:linux:gnome-session-xsession", "p-cpe:/a:oracle:linux:gnome-settings-daemon", "p-cpe:/a:oracle:linux:gnome-shell", "p-cpe:/a:oracle:linux:gnome-shell-extension-apps-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-auto-move-windows", "p-cpe:/a:oracle:linux:gnome-shell-extension-common", "p-cpe:/a:oracle:linux:gnome-shell-extension-dash-to-dock", "p-cpe:/a:oracle:linux:gnome-shell-extension-desktop-icons", "p-cpe:/a:oracle:linux:gnome-shell-extension-disable-screenshield", "p-cpe:/a:oracle:linux:gnome-shell-extension-drive-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-horizontal-workspaces", "p-cpe:/a:oracle:linux:gnome-shell-extension-launch-new-instance", "p-cpe:/a:oracle:linux:gnome-shell-extension-native-window-placement", "p-cpe:/a:oracle:linux:gnome-shell-extension-no-hot-corner", "p-cpe:/a:oracle:linux:gnome-shell-extension-panel-favorites", "p-cpe:/a:oracle:linux:gnome-shell-extension-places-menu", "p-cpe:/a:oracle:linux:gnome-shell-extension-screenshot-window-sizer", "p-cpe:/a:oracle:linux:gnome-shell-extension-systemmonitor", "p-cpe:/a:oracle:linux:gnome-shell-extension-top-icons", "p-cpe:/a:oracle:linux:gnome-shell-extension-updates-dialog", "p-cpe:/a:oracle:linux:gnome-shell-extension-user-theme", "p-cpe:/a:oracle:linux:gnome-shell-extension-window-grouper", "p-cpe:/a:oracle:linux:gnome-shell-extension-window-list", "p-cpe:/a:oracle:linux:gnome-shell-extension-windowsnavigator", "p-cpe:/a:oracle:linux:gnome-shell-extension-workspace-indicator", "p-cpe:/a:oracle:linux:gnome-terminal", "p-cpe:/a:oracle:linux:gnome-terminal-nautilus", "p-cpe:/a:oracle:linux:gsettings-desktop-schemas", "p-cpe:/a:oracle:linux:gsettings-desktop-schemas-devel", "p-cpe:/a:oracle:linux:gtk-doc", "p-cpe:/a:oracle:linux:gtk-update-icon-cache", "p-cpe:/a:oracle:linux:gtk3", "p-cpe:/a:oracle:linux:gtk3-devel", "p-cpe:/a:oracle:linux:gtk3-immodule-xim", "p-cpe:/a:oracle:linux:gvfs", "p-cpe:/a:oracle:linux:gvfs-afc", "p-cpe:/a:oracle:linux:gvfs-afp", "p-cpe:/a:oracle:linux:gvfs-archive", "p-cpe:/a:oracle:linux:gvfs-client", "p-cpe:/a:oracle:linux:gvfs-devel", "p-cpe:/a:oracle:linux:gvfs-fuse", "p-cpe:/a:oracle:linux:gvfs-goa", "p-cpe:/a:oracle:linux:gvfs-gphoto2", "p-cpe:/a:oracle:linux:gvfs-mtp", "p-cpe:/a:oracle:linux:gvfs-smb", "p-cpe:/a:oracle:linux:libsoup", "p-cpe:/a:oracle:linux:libsoup-devel", "p-cpe:/a:oracle:linux:mutter", "p-cpe:/a:oracle:linux:mutter-devel", "p-cpe:/a:oracle:linux:nautilus", "p-cpe:/a:oracle:linux:nautilus-devel", "p-cpe:/a:oracle:linux:nautilus-extensions", "p-cpe:/a:oracle:linux:pipewire", "p-cpe:/a:oracle:linux:pipewire-devel", "p-cpe:/a:oracle:linux:pipewire-doc", "p-cpe:/a:oracle:linux:pipewire-libs", "p-cpe:/a:oracle:linux:pipewire-utils", "p-cpe:/a:oracle:linux:pipewire0.2-devel", "p-cpe:/a:oracle:linux:pipewire0.2-libs", "p-cpe:/a:oracle:linux:potrace", "p-cpe:/a:oracle:linux:pygobject3-devel", "p-cpe:/a:oracle:linux:python3-gobject", "p-cpe:/a:oracle:linux:python3-gobject-base", "p-cpe:/a:oracle:linux:tracker", "p-cpe:/a:oracle:linux:tracker-devel", "p-cpe:/a:oracle:linux:vte-profile", "p-cpe:/a:oracle:linux:vte291", "p-cpe:/a:oracle:linux:vte291-devel", "p-cpe:/a:oracle:linux:webkit2gtk3", "p-cpe:/a:oracle:linux:webkit2gtk3-devel", "p-cpe:/a:oracle:linux:webkit2gtk3-jsc", "p-cpe:/a:oracle:linux:webkit2gtk3-jsc-devel", "p-cpe:/a:oracle:linux:webrtc-audio-processing", "p-cpe:/a:oracle:linux:xdg-desktop-portal", "p-cpe:/a:oracle:linux:xdg-desktop-portal-gtk"], "id": "ORACLELINUX_ELSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/142763", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-4451.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142763);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"Oracle Linux 8 : GNOME (ELSA-2020-4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2020-4451 advisory.\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9806, CVE-2020-9807)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9894)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access\n restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2,\n iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously\n crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when\n user registers through GNOME control center (CVE-2020-14391)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site\n scripting attack. (CVE-2020-9843)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This\n issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for\n Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to\n command injection. (CVE-2020-9862)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS\n 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3,\n iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site\n scripting. (CVE-2020-9925)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp,\n postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example,\n malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-4451.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-command-not-found\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-gstreamer-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:PackageKit-gtk3-module\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dleyna-renderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:frei0r-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:frei0r-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:frei0r-plugins-opencv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-classic-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-control-center\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-control-center-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-photos\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-photos-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-remote-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session-wayland-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-session-xsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-apps-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-auto-move-windows\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-dash-to-dock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-disable-screenshield\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-drive-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-horizontal-workspaces\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-launch-new-instance\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-native-window-placement\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-no-hot-corner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-panel-favorites\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-places-menu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-screenshot-window-sizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-systemMonitor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-top-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-updates-dialog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-user-theme\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-window-grouper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-window-list\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-windowsNavigator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-shell-extension-workspace-indicator\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-terminal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gnome-terminal-nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-afc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-afp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-archive\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-fuse\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-goa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-gphoto2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-mtp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:gvfs-smb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libsoup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mutter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nautilus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:nautilus-extensions\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire0.2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pipewire0.2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:potrace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:pygobject3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-gobject-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tracker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vte-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vte291\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:vte291-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:webrtc-audio-processing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xdg-desktop-portal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xdg-desktop-portal-gtk\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'dleyna-renderer-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gdm-3.28.3-34.el8', 'cpu':'aarch64', 'release':'8', 'epoch':'1'},\n {'reference':'gdm-3.28.3-34.el8', 'cpu':'i686', 'release':'8', 'epoch':'1'},\n {'reference':'gdm-3.28.3-34.el8', 'cpu':'x86_64', 'release':'8', 'epoch':'1'},\n {'reference':'gnome-classic-session-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-control-center-3.28.2-22.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-control-center-3.28.2-22.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-control-center-filesystem-3.28.2-22.el8', 'release':'8'},\n {'reference':'gnome-photos-3.28.1-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-photos-tests-3.28.1-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-session-3.28.1-10.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-session-3.28.1-10.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-session-wayland-session-3.28.1-10.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-session-wayland-session-3.28.1-10.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-session-xsession-3.28.1-10.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-session-xsession-3.28.1-10.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-settings-daemon-3.32.0-11.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-shell-3.32.2-20.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-shell-3.32.2-20.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-shell-extension-apps-menu-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-auto-move-windows-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-common-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-dash-to-dock-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-desktop-icons-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-disable-screenshield-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-drive-menu-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-horizontal-workspaces-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-launch-new-instance-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-native-window-placement-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-no-hot-corner-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-panel-favorites-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-places-menu-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-screenshot-window-sizer-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-systemMonitor-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-top-icons-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-updates-dialog-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-user-theme-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-window-grouper-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-window-list-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-windowsNavigator-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-shell-extension-workspace-indicator-3.32.1-11.el8', 'release':'8'},\n {'reference':'gnome-terminal-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-terminal-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gnome-terminal-nautilus-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gnome-terminal-nautilus-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk-doc-1.28-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk-doc-1.28-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk-update-icon-cache-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk-update-icon-cache-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gtk3-immodule-xim-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gtk3-immodule-xim-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-afc-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-afc-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-afp-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-afp-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-archive-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-archive-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-client-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-client-1.36.2-10.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gvfs-client-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-devel-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-devel-1.36.2-10.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'gvfs-devel-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-fuse-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-fuse-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-goa-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-goa-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-gphoto2-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-gphoto2-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-mtp-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-mtp-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'gvfs-smb-1.36.2-10.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'gvfs-smb-1.36.2-10.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'mutter-3.32.2-48.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'mutter-3.32.2-48.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'mutter-3.32.2-48.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'nautilus-extensions-3.28.1-14.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'nautilus-extensions-3.28.1-14.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'nautilus-extensions-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-command-not-found-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-command-not-found-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-cron-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-cron-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-glib-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-glib-1.1.12-6.0.1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'PackageKit-glib-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-glib-devel-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-glib-devel-1.1.12-6.0.1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'PackageKit-glib-devel-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.0.1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.0.1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.0.1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'potrace-1.15-3.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'potrace-1.15-3.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'potrace-1.15-3.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webkit2gtk3-jsc-devel-2.28.4-1.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'i686', 'release':'8'},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'xdg-desktop-portal-1.6.0-2.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'xdg-desktop-portal-1.6.0-2.el8', 'cpu':'x86_64', 'release':'8'},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'aarch64', 'release':'8'},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'x86_64', 'release':'8'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-devel / PackageKit / etc');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-05T15:29:42", "description": "An update of the tcpdump package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Tcpdump PHSA-2019-2.0-0182", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:tcpdump", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0182_TCPDUMP.NASL", "href": "https://www.tenable.com/plugins/nessus/130118", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0182. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130118);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"Photon OS 2.0: Tcpdump PHSA-2019-2.0-0182\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the tcpdump package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-182.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15166\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"tcpdump-4.9.3-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"tcpdump-debuginfo-4.9.3-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-05T15:31:15", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Debian DSA-4547-1 : tcpdump - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tcpdump", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4547.NASL", "href": "https://www.tenable.com/plugins/nessus/130135", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4547. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130135);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n script_xref(name:\"DSA\", value:\"4547\");\n\n script_name(english:\"Debian DSA-4547-1 : tcpdump - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in tcpdump, a\ncommand-line network traffic analyzer. These vulnerabilities might\nresult in denial of service or, potentially, execution of arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4547\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tcpdump packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 4.9.3-1~deb9u1.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 4.9.3-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"tcpdump\", reference:\"4.9.3-1~deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"tcpdump\", reference:\"4.9.3-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-05T15:29:58", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These security vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 4.9.3-1~deb8u1.\n\nWe recommend that you upgrade your tcpdump packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-14T00:00:00", "type": "nessus", "title": "Debian DLA-1955-1 : tcpdump security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tcpdump", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1955.NASL", "href": "https://www.tenable.com/plugins/nessus/129828", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1955-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129828);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n\n script_name(english:\"Debian DLA-1955-1 : tcpdump security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in tcpdump, a\ncommand-line network traffic analyzer. These security vulnerabilities\nmight result in denial of service or, potentially, execution of\narbitrary code.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4.9.3-1~deb8u1.\n\nWe recommend that you upgrade your tcpdump packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tcpdump\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"tcpdump\", reference:\"4.9.3-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-11-12T13:32:46", "description": "The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4451 advisory.\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. (CVE-2019-8720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality. (CVE-2020-14391)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-11-06T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : GNOME (RLSA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2020-9952", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2023-11-07T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:libraw-devel", "p-cpe:/a:rocky:linux:packagekit-glib", "p-cpe:/a:rocky:linux:dleyna-renderer-debugsource", "p-cpe:/a:rocky:linux:frei0r-plugins-opencv", "p-cpe:/a:rocky:linux:gnome-remote-desktop-debuginfo", "p-cpe:/a:rocky:linux:pipewire-doc", "p-cpe:/a:rocky:linux:python3-gobject-base-debuginfo", "p-cpe:/a:rocky:linux:libsoup-debuginfo", "p-cpe:/a:rocky:linux:libsoup-debugsource", "p-cpe:/a:rocky:linux:webrtc-audio-processing-debugsource", "p-cpe:/a:rocky:linux:gnome-session-wayland-session", "p-cpe:/a:rocky:linux:potrace-debugsource", "p-cpe:/a:rocky:linux:dleyna-renderer", "p-cpe:/a:rocky:linux:pipewire", "p-cpe:/a:rocky:linux:pipewire-utils", "p-cpe:/a:rocky:linux:python3-gobject-debuginfo", "p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk", "p-cpe:/a:rocky:linux:packagekit", "p-cpe:/a:rocky:linux:packagekit-command-not-found", "p-cpe:/a:rocky:linux:frei0r-plugins-opencv-debuginfo", "p-cpe:/a:rocky:linux:gsettings-desktop-schemas", "p-cpe:/a:rocky:linux:pipewire-debuginfo", "p-cpe:/a:rocky:linux:python3-gobject", "p-cpe:/a:rocky:linux:gtk3-debugsource", "p-cpe:/a:rocky:linux:gtk3-devel-debuginfo", "p-cpe:/a:rocky:linux:libsoup", "p-cpe:/a:rocky:linux:pipewire-debugsource", "p-cpe:/a:rocky:linux:pipewire-libs", "p-cpe:/a:rocky:linux:tracker-devel", "p-cpe:/a:rocky:linux:packagekit-glib-debuginfo", "p-cpe:/a:rocky:linux:frei0r-devel", "p-cpe:/a:rocky:linux:frei0r-plugins-debuginfo", "p-cpe:/a:rocky:linux:tracker-debuginfo", "p-cpe:/a:rocky:linux:packagekit-debugsource", "p-cpe:/a:rocky:linux:packagekit-gstreamer-plugin", "p-cpe:/a:rocky:linux:gsettings-desktop-schemas-devel", "p-cpe:/a:rocky:linux:gtk-update-icon-cache", "p-cpe:/a:rocky:linux:gtk3-immodule-xim-debuginfo", "p-cpe:/a:rocky:linux:pipewire-devel", "p-cpe:/a:rocky:linux:vte291-debugsource", "p-cpe:/a:rocky:linux:packagekit-gtk3-module-debuginfo", "p-cpe:/a:rocky:linux:gnome-session-xsession", "p-cpe:/a:rocky:linux:gtk3-immodule-xim", "p-cpe:/a:rocky:linux:pipewire0.2-libs-debuginfo", "p-cpe:/a:rocky:linux:python3-gobject-base", "p-cpe:/a:rocky:linux:packagekit-glib-devel", "p-cpe:/a:rocky:linux:gnome-session", "p-cpe:/a:rocky:linux:gtk3", "p-cpe:/a:rocky:linux:pipewire0.2-libs", "p-cpe:/a:rocky:linux:vte291-devel", "p-cpe:/a:rocky:linux:gnome-remote-desktop-debugsource", "p-cpe:/a:rocky:linux:gtk3-debuginfo", "p-cpe:/a:rocky:linux:potrace", "p-cpe:/a:rocky:linux:vte-profile", "p-cpe:/a:rocky:linux:vte291-debuginfo", "p-cpe:/a:rocky:linux:packagekit-command-not-found-debuginfo", "p-cpe:/a:rocky:linux:packagekit-debuginfo", "p-cpe:/a:rocky:linux:frei0r-plugins-debugsource", "p-cpe:/a:rocky:linux:gnome-session-debuginfo", "p-cpe:/a:rocky:linux:pygobject3-debuginfo", "p-cpe:/a:rocky:linux:tracker", "p-cpe:/a:rocky:linux:webrtc-audio-processing", "p-cpe:/a:rocky:linux:webrtc-audio-processing-debuginfo", "p-cpe:/a:rocky:linux:libraw", "p-cpe:/a:rocky:linux:packagekit-gstreamer-plugin-debuginfo", "p-cpe:/a:rocky:linux:pipewire0.2-debugsource", "p-cpe:/a:rocky:linux:dleyna-renderer-debuginfo", "p-cpe:/a:rocky:linux:gtk-update-icon-cache-debuginfo", "p-cpe:/a:rocky:linux:gtk3-devel", "p-cpe:/a:rocky:linux:libsoup-devel", "p-cpe:/a:rocky:linux:pipewire-utils-debuginfo", "p-cpe:/a:rocky:linux:packagekit-gtk3-module", "p-cpe:/a:rocky:linux:gnome-session-debugsource", "p-cpe:/a:rocky:linux:pipewire0.2-devel", "p-cpe:/a:rocky:linux:vte291", "p-cpe:/a:rocky:linux:vte291-devel-debuginfo", "p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk-debugsource", "p-cpe:/a:rocky:linux:libraw-debuginfo", "p-cpe:/a:rocky:linux:libraw-debugsource", "p-cpe:/a:rocky:linux:packagekit-cron", "p-cpe:/a:rocky:linux:frei0r-plugins", "p-cpe:/a:rocky:linux:gnome-remote-desktop", "p-cpe:/a:rocky:linux:pipewire-libs-debuginfo", "p-cpe:/a:rocky:linux:potrace-debuginfo", "p-cpe:/a:rocky:linux:pygobject3-debugsource", "p-cpe:/a:rocky:linux:pygobject3-devel", "p-cpe:/a:rocky:linux:tracker-debugsource", "p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk-debuginfo", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/184669", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2020:4451.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(184669);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/11/07\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-9952\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\",\n \"CVE-2021-30666\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n script_xref(name:\"RLSA\", value:\"2020:4451\");\n\n script_name(english:\"Rocky Linux 8 : GNOME (RLSA-2020:4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nRLSA-2020:4451 advisory.\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content\n that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory\n corruption issues. (CVE-2019-8720)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it\n improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME\n Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal\n password. The highest threat from this vulnerability is to confidentiality. (CVE-2020-14391)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp,\n postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example,\n malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site\n scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This\n issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for\n Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to\n command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access\n restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2,\n iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously\n crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS\n 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3,\n iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site\n scripting. (CVE-2020-9925)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2020:4451\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1207179\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1566027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1569868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1652178\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1656262\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1668895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1692536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1706008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1706076\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1715845\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1719937\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1758891\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1775345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1778579\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1779691\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1794045\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1804719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1805929\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1811721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1814820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1816070\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1816678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1816684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1816686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1817143\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1820759\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1820760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1824362\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1827030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1829369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1832347\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1833158\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1837381\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1837406\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1837413\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1837648\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1840080\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1840788\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1843486\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1844578\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1846191\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1847051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1847061\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1847062\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1847203\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1853477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1854734\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1866332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1868260\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1872270\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1873093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1873963\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876472\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876537\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876548\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876550\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876554\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876590\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1876619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1877853\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879538\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879541\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1879568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1880339\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-command-not-found\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-command-not-found-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-glib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-gstreamer-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-gstreamer-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-gtk3-module\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:PackageKit-gtk3-module-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:dleyna-renderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:dleyna-renderer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:dleyna-renderer-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:frei0r-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:frei0r-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:frei0r-plugins-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:frei0r-plugins-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:frei0r-plugins-opencv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:frei0r-plugins-opencv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-remote-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-remote-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-remote-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-wayland-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gnome-session-xsession\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gsettings-desktop-schemas-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk-update-icon-cache\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk-update-icon-cache-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-immodule-xim\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:gtk3-immodule-xim-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsoup-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsoup-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:libsoup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire-utils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire0.2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire0.2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire0.2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pipewire0.2-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:potrace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:potrace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:potrace-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pygobject3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pygobject3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pygobject3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-gobject-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-gobject-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:python3-gobject-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:tracker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:tracker-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:tracker-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:tracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vte-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vte291\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vte291-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vte291-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vte291-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:vte291-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webrtc-audio-processing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webrtc-audio-processing-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:webrtc-audio-processing-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:xdg-desktop-portal-gtk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RockyLinux/release');\nif (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'dleyna-renderer-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dleyna-renderer-debuginfo-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dleyna-renderer-debugsource-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-debuginfo-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-debuginfo-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-debuginfo-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-debugsource-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-debugsource-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-debugsource-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-opencv-debuginfo-1.6.1-7.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-opencv-debuginfo-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-debuginfo-0.1.8-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-debuginfo-0.1.8-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-debugsource-0.1.8-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-debugsource-0.1.8-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debuginfo-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debuginfo-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debugsource-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-debugsource-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-wayland-session-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-10.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-session-xsession-3.28.1-10.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-devel-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-debuginfo-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-update-icon-cache-debuginfo-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debuginfo-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debuginfo-3.22.30-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debuginfo-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debugsource-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debugsource-3.22.30-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-debugsource-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-debuginfo-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-debuginfo-3.22.30-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-devel-debuginfo-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-debuginfo-3.22.30-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk3-immodule-xim-debuginfo-3.22.30-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debuginfo-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debuginfo-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debugsource-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-debugsource-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-debuginfo-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-debuginfo-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-debuginfo-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-debugsource-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-debugsource-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-debugsource-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-debuginfo-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-debuginfo-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-debuginfo-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-debuginfo-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-cron-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-cron-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-cron-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-cron-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debuginfo-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debuginfo-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debuginfo-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debuginfo-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debuginfo-1.1.12-6.el8.0.2', 'cpu':'i686', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debuginfo-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debugsource-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debugsource-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debugsource-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debugsource-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debugsource-1.1.12-6.el8.0.2', 'cpu':'i686', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-debugsource-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8.0.2', 'cpu':'i686', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-debuginfo-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-debuginfo-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-debuginfo-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-debuginfo-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-debuginfo-1.1.12-6.el8.0.2', 'cpu':'i686', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-debuginfo-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8.0.2', 'cpu':'i686', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-debuginfo-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8.0.2', 'cpu':'i686', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-debuginfo-1.1.12-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-debuginfo-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-debuginfo-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.0.2', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.0.2', 'cpu':'i686', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-debuginfo-1.1.12-6.el8.0.2', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.0', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-debuginfo-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-debuginfo-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-debuginfo-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-debugsource-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-debugsource-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-debugsource-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-debuginfo-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-debuginfo-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-debuginfo-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-utils-debuginfo-0.3.6-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-utils-debuginfo-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-debugsource-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-debugsource-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-debugsource-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-debuginfo-0.2.7-6.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-debuginfo-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-debuginfo-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-1.15-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-1.15-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-1.15-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-debuginfo-1.15-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-debuginfo-1.15-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-debuginfo-1.15-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-debugsource-1.15-3.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-debugsource-1.15-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-debugsource-1.15-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-debuginfo-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-debuginfo-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-debuginfo-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-debugsource-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-debugsource-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-debugsource-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-debuginfo-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-debuginfo-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-debuginfo-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-debuginfo-3.28.3-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-debuginfo-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-debuginfo-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-debuginfo-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-debuginfo-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-debuginfo-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-debugsource-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-debugsource-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-debugsource-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-debuginfo-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-debuginfo-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-debuginfo-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-debugsource-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-debugsource-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-debugsource-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-debuginfo-0.52.4-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-debuginfo-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-debuginfo-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-debuginfo-0.3-9.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-debuginfo-0.3-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-debuginfo-0.3-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-debugsource-0.3-9.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-debugsource-0.3-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-debugsource-0.3-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-debuginfo-1.6.0-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-debugsource-1.6.0-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw / LibRaw-debuginfo / LibRaw-debugsource / LibRaw-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-28T14:53:17", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by multiple vulnerabilities:\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2021-0059)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925"], "modified": "2022-05-25T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0059_WEBKIT2GTK3.NASL", "href": "https://www.tenable.com/plugins/nessus/147363", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0059. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147363);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : webkit2gtk3 Multiple Vulnerabilities (NS-SA-2021-0059)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has webkit2gtk3 packages installed that are affected by\nmultiple vulnerabilities:\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This\n issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for\n Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to\n command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access\n restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2,\n iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously\n crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS\n 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3,\n iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site\n scripting. (CVE-2020-9925)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site\n scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0059\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL webkit2gtk3 packages. Note that updated packages may not be available yet. Please contact\nZTE for more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL MAIN 6.02': [\n 'webkit2gtk3-2.28.4-1.el8',\n 'webkit2gtk3-debuginfo-2.28.4-1.el8',\n 'webkit2gtk3-debugsource-2.28.4-1.el8',\n 'webkit2gtk3-devel-2.28.4-1.el8',\n 'webkit2gtk3-devel-debuginfo-2.28.4-1.el8',\n 'webkit2gtk3-doc-2.28.4-1.el8',\n 'webkit2gtk3-jsc-2.28.4-1.el8',\n 'webkit2gtk3-jsc-debuginfo-2.28.4-1.el8',\n 'webkit2gtk3-jsc-devel-2.28.4-1.el8',\n 'webkit2gtk3-jsc-devel-debuginfo-2.28.4-1.el8'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'webkit2gtk3');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-06T15:22:43", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-4760 advisory.\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print- lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). (CVE-2018-14879)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (CVE-2018-16227)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : tcpdump (ELSA-2020-4760)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2020-11-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:tcpdump"], "id": "ORACLELINUX_ELSA-2020-4760.NASL", "href": "https://www.tenable.com/plugins/nessus/142765", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-4760.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142765);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/13\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"Oracle Linux 8 : tcpdump (ELSA-2020-4760)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2020-4760 advisory.\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-\n lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert(). (CVE-2018-14466)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in\n tcpdump.c:get_next_file(). (CVE-2018-14879)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags\n subfield. (CVE-2018-16227)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion. (CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-4760.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10105\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tcpdump\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'tcpdump-4.9.3-1.el8', 'cpu':'aarch64', 'release':'8', 'epoch':'14'},\n {'reference':'tcpdump-4.9.3-1.el8', 'cpu':'x86_64', 'release':'8', 'epoch':'14'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-27T14:19:25", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4451 advisory.\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8766)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site scripting. (CVE-2020-9925)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). (CVE-2020-11793)\n\n - A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal password. The highest threat from this vulnerability is to confidentiality. (CVE-2020-14391)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : GNOME (ALSA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2020-9952", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2022-05-25T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libraw-devel", "p-cpe:/a:alma:linux:packagekit", "p-cpe:/a:alma:linux:packagekit-command-not-found", "p-cpe:/a:alma:linux:packagekit-cron", "p-cpe:/a:alma:linux:packagekit-glib", "p-cpe:/a:alma:linux:packagekit-glib-devel", "p-cpe:/a:alma:linux:packagekit-gstreamer-plugin", "p-cpe:/a:alma:linux:packagekit-gtk3-module", "p-cpe:/a:alma:linux:dleyna-renderer", "p-cpe:/a:alma:linux:frei0r-devel", "p-cpe:/a:alma:linux:frei0r-plugins", "p-cpe:/a:alma:linux:frei0r-plugins-opencv", "p-cpe:/a:alma:linux:gnome-remote-desktop", "p-cpe:/a:alma:linux:gsettings-desktop-schemas", "p-cpe:/a:alma:linux:gtk-doc", "p-cpe:/a:alma:linux:gvfs", "p-cpe:/a:alma:linux:libsoup", "p-cpe:/a:alma:linux:libsoup-devel", "p-cpe:/a:alma:linux:mutter-devel", "p-cpe:/a:alma:linux:nautilus", "p-cpe:/a:alma:linux:nautilus-devel", "p-cpe:/a:alma:linux:pipewire", "p-cpe:/a:alma:linux:pipewire-devel", "p-cpe:/a:alma:linux:pipewire-doc", "p-cpe:/a:alma:linux:pipewire-libs", "p-cpe:/a:alma:linux:pipewire-utils", "p-cpe:/a:alma:linux:pipewire0.2-devel", "p-cpe:/a:alma:linux:pipewire0.2-libs", "p-cpe:/a:alma:linux:potrace", "p-cpe:/a:alma:linux:pygobject3-devel", "p-cpe:/a:alma:linux:python3-gobject", "p-cpe:/a:alma:linux:python3-gobject-base", "p-cpe:/a:alma:linux:tracker", "p-cpe:/a:alma:linux:tracker-devel", "p-cpe:/a:alma:linux:vte-profile", "p-cpe:/a:alma:linux:vte291", "p-cpe:/a:alma:linux:vte291-devel", "p-cpe:/a:alma:linux:webrtc-audio-processing", "p-cpe:/a:alma:linux:xdg-desktop-portal-gtk", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/157689", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2020:4451.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157689);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-9952\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\",\n \"CVE-2021-30666\",\n \"CVE-2021-30761\",\n \"CVE-2021-30762\"\n );\n script_xref(name:\"ALSA\", value:\"2020:4451\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2021/11/17\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"AlmaLinux 8 : GNOME (ALSA-2020:4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2020:4451 advisory.\n\n - A logic issue was addressed with improved state management. This issue is fixed in tvOS 13, iTunes for\n Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14. Processing maliciously crafted web\n content may lead to universal cross site scripting. (CVE-2019-8625)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8710)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8743)\n\n - A logic issue was addressed with improved state management. This issue is fixed in watchOS 6.1. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8764)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n watchOS 6.1, iCloud for Windows 11.0. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8766)\n\n - An issue existed in the drawing of web page elements. The issue was addressed with improved logic. This\n issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Visiting a maliciously crafted website\n may reveal browsing history. (CVE-2019-8769)\n\n - This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1,\n iOS 13. Maliciously crafted web content may violate iframe sandboxing policy. (CVE-2019-8771)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0.\n Processing maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8782)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0,\n iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8783, CVE-2019-8814, CVE-2019-8815, CVE-2019-8819, CVE-2019-8823)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2. Processing\n maliciously crafted web content may lead to arbitrary code execution. (CVE-2019-8808, CVE-2019-8812)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.2 and iPadOS 13.2, tvOS 13.2, watchOS 6.1, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for\n Windows 11.0, iCloud for Windows 7.15. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8811, CVE-2019-8816, CVE-2019-8820)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS\n 13.2, tvOS 13.2, Safari 13.0.3, iTunes for Windows 12.10.2, iCloud for Windows 11.0. Processing\n maliciously crafted web content may lead to universal cross site scripting. (CVE-2019-8813)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows,\n iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8835)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in\n tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3\n for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary\n code execution. (CVE-2019-8844)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3,\n iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for\n Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2019-8846)\n\n - A denial of service issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1\n and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud\n for Windows 7.17. A malicious website may be able to cause a denial of service. (CVE-2020-3862)\n\n - A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17,\n iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS\n 13.3.1. A DOM object context may not have had a unique security origin. (CVE-2020-3864)\n\n - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS\n 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0,\n iCloud for Windows 7.17. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3865, CVE-2020-3868)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.3.1 and iPadOS\n 13.3.1, tvOS 13.3.1, Safari 13.0.5, iTunes for Windows 12.10.4, iCloud for Windows 11.0, iCloud for\n Windows 7.17. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-3867)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4,\n tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A\n file URL may be incorrectly processed. (CVE-2020-3885)\n\n - A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS\n 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows\n 7.18. An application may be able to read restricted memory. (CVE-2020-3894)\n\n - A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3895, CVE-2020-3900)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-3897)\n\n - A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows\n 10.9.3, iCloud for Windows 7.18. A remote attacker may be able to cause arbitrary code execution.\n (CVE-2020-3899)\n\n - A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and\n iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3,\n iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-3901)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4\n and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for\n Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack.\n (CVE-2020-3902)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code execution.\n (CVE-2020-9802)\n\n - A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 and\n iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9803)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. Processing maliciously crafted web content may lead to universal cross site scripting.\n (CVE-2020-9805)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to arbitrary code\n execution. (CVE-2020-9806, CVE-2020-9807)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.5\n and iPadOS 13.5, tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows\n 11.2, iCloud for Windows 7.19. Processing maliciously crafted web content may lead to a cross site\n scripting attack. (CVE-2020-9843)\n\n - A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 13.5,\n tvOS 13.4.5, watchOS 6.2.5, Safari 13.1.1, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for\n Windows 7.19. A remote attacker may be able to cause arbitrary code execution. (CVE-2020-9850)\n\n - A command injection issue existed in Web Inspector. This issue was addressed with improved escaping. This\n issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for\n Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Copying a URL from Web Inspector may lead to\n command injection. (CVE-2020-9862)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9893, CVE-2020-9895)\n\n - An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and\n iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows\n 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination\n or arbitrary code execution. (CVE-2020-9894)\n\n - An access issue existed in Content Security Policy. This issue was addressed with improved access\n restrictions. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2,\n iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing maliciously\n crafted web content may prevent Content Security Policy from being enforced. (CVE-2020-9915)\n\n - A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPadOS\n 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3,\n iCloud for Windows 7.20. Processing maliciously crafted web content may lead to universal cross site\n scripting. (CVE-2020-9925)\n\n - An input validation issue was addressed with improved input validation. This issue is fixed in iOS 14.0\n and iPadOS 14.0, tvOS 14.0, watchOS 7.0, Safari 14.0, iCloud for Windows 11.4, iCloud for Windows 7.21.\n Processing maliciously crafted web content may lead to a cross site scripting attack. (CVE-2020-9952)\n\n - WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0)\n contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue\n has been fixed in 2.28.0 with improved memory handling. (CVE-2020-10018)\n\n - A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web\n content that allows remote attackers to execute arbitrary code or cause a denial of service (memory\n corruption and application crash). (CVE-2020-11793)\n\n - A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it\n improperly uses Red Hat Customer Portal credentials when a user registers a system through the GNOME\n Settings User Interface. This flaw allows a local attacker to discover the Red Hat Customer Portal\n password. The highest threat from this vulnerability is to confidentiality. (CVE-2020-14391)\n\n - LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp,\n postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example,\n malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. (CVE-2020-15503)\n\n - A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30666)\n\n - A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30761)\n\n - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.5.4.\n Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a\n report that this issue may have been actively exploited.. (CVE-2021-30762)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2020-4451.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-command-not-found\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-cron\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-glib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-glib-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-gstreamer-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:PackageKit-gtk3-module\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dleyna-renderer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:frei0r-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:frei0r-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:frei0r-plugins-opencv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnome-remote-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gsettings-desktop-schemas\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gtk-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gvfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsoup\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libsoup-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:mutter-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:nautilus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire0.2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pipewire0.2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:potrace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:pygobject3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-gobject\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:python3-gobject-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:tracker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:tracker-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vte-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vte291\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:vte291-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:webrtc-audio-processing\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:xdg-desktop-portal-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'dleyna-renderer-0.6.0-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-devel-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'frei0r-plugins-opencv-1.6.1-7.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnome-remote-desktop-0.1.8-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gsettings-desktop-schemas-3.32.0-5.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gtk-doc-1.28-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gvfs-1.36.2-10.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'LibRaw-devel-0.19.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libsoup-devel-2.62.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'mutter-devel-3.32.2-48.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-3.28.1-14.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'nautilus-devel-3.28.1-14.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-command-not-found-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-cron-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-glib-devel-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gstreamer-plugin-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'PackageKit-gtk3-module-1.1.12-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-devel-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-doc-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-libs-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire-utils-0.3.6-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-devel-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pipewire0.2-libs-0.2.7-6.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-1.15-3.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'potrace-1.15-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pygobject3-devel-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-gobject-base-3.28.3-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'tracker-devel-2.1.5-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte-profile-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'vte291-devel-0.52.4-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'webrtc-audio-processing-0.3-9.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'xdg-desktop-portal-gtk-1.6.0-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'LibRaw-devel / PackageKit / PackageKit-command-not-found / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:19", "description": "This update for webkit2gtk3 to version 2.28.1 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-10018: Fixed a denial of service because the m_deferredFocusedNodeChange data structure was mishandled (bsc#1165528).\n\nCVE-2020-11793: Fixed a potential arbitrary code execution caused by a use-after-free vulnerability (bsc#1169658).\n\nCVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8846: Fixed a use-after-free issue (bsc#1161719).\n\nCVE-2020-3862: Fixed a memory handling issue (bsc#1163809).\n\nCVE-2020-3867: Fixed an XSS issue (bsc#1163809).\n\nCVE-2020-3868: Fixed multiple memory corruption issues that could have lead to arbitrary code execution (bsc#1163809).\n\nCVE-2020-3864,CVE-2020-3865: Fixed logic issues in the DOM object context handling (bsc#1163809).\n\nNon-security issues fixed: Add API to enable Process Swap on (Cross-site) Navigation.\n\nAdd user messages API for the communication with the web extension.\n\nAdd support for same-site cookies.\n\nService workers are enabled by default.\n\nAdd support for Pointer Lock API.\n\nAdd flatpak sandbox support.\n\nMake ondemand hardware acceleration policy never leave accelerated compositing mode.\n\nAlways use a light theme for rendering form controls.\n\nAdd about:gpu to show information about the graphics stack.\n\nFixed issues while trying to play a video on NextCloud.\n\nFixed vertical alignment of text containing arabic diacritics.\n\nFixed build with icu 65.1.\n\nFixed page loading errors with websites using HSTS.\n\nFixed web process crash when displaying a KaTeX formula.\n\nFixed several crashes and rendering issues.\n\nSwitched to a single web process for Evolution and geary (bsc#1159329).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:1135-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868"], "modified": "2023-04-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0", "p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0", "p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-javascriptcore", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2", "p-cpe:/a:novell:suse_linux:typelib-1_0-webkit2webextension", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles", "p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo", "p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource", "p-cpe:/a:novell:suse_linux:webkit2gtk3-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-1135-1.NASL", "href": "https://www.tenable.com/plugins/nessus/136082", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1135-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136082);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\"\n );\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"SUSE SLES12 Security Update : webkit2gtk3 (SUSE-SU-2020:1135-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for webkit2gtk3 to version 2.28.1 fixes the following\nissues :\n\nSecurity issues fixed :\n\nCVE-2020-10018: Fixed a denial of service because the\nm_deferredFocusedNodeChange data structure was mishandled\n(bsc#1165528).\n\nCVE-2020-11793: Fixed a potential arbitrary code execution caused by a\nuse-after-free vulnerability (bsc#1169658).\n\nCVE-2019-8835: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8844: Fixed multiple memory corruption issues (bsc#1161719).\n\nCVE-2019-8846: Fixed a use-after-free issue (bsc#1161719).\n\nCVE-2020-3862: Fixed a memory handling issue (bsc#1163809).\n\nCVE-2020-3867: Fixed an XSS issue (bsc#1163809).\n\nCVE-2020-3868: Fixed multiple memory corruption issues that could have\nlead to arbitrary code execution (bsc#1163809).\n\nCVE-2020-3864,CVE-2020-3865: Fixed logic issues in the DOM object\ncontext handling (bsc#1163809).\n\nNon-security issues fixed: Add API to enable Process Swap on\n(Cross-site) Navigation.\n\nAdd user messages API for the communication with the web extension.\n\nAdd support for same-site cookies.\n\nService workers are enabled by default.\n\nAdd support for Pointer Lock API.\n\nAdd flatpak sandbox support.\n\nMake ondemand hardware acceleration policy never leave accelerated\ncompositing mode.\n\nAlways use a light theme for rendering form controls.\n\nAdd about:gpu to show information about the graphics stack.\n\nFixed issues while trying to play a video on NextCloud.\n\nFixed vertical alignment of text containing arabic diacritics.\n\nFixed build with icu 65.1.\n\nFixed page loading errors with websites using HSTS.\n\nFixed web process crash when displaying a KaTeX formula.\n\nFixed several crashes and rendering issues.\n\nSwitched to a single web process for Evolution and geary\n(bsc#1159329).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155321\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1156318\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159329\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1161719\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1163809\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165528\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1169658\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8625/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8710/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8720/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8743/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8764/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8766/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8769/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8771/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8782/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8783/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8808/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8811/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8812/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8813/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8814/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8815/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8816/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8819/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8820/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8823/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8835/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8844/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-8846/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10018/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-11793/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3862/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3864/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3865/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3867/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-3868/\");\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201135-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?718c807f\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2020-1135=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2020-1135=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2020-1135=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2020-1135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2020-1135=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2020-1135=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2020-1135=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2020-1135=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2020-1135=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2020-1135=1\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2020-1135=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3868\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10018\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libjavascriptcoregtk-4_0-18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libwebkit2gtk-4_0-37-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-JavaScriptCore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-WebKit2WebExtension\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk-4_0-injected-bundles-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"webkit2gtk3-devel-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libjavascriptcoregtk-4_0-18-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libjavascriptcoregtk-4_0-18-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libwebkit2gtk-4_0-37-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libwebkit2gtk-4_0-37-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-JavaScriptCore-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-WebKit2-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"typelib-1_0-WebKit2WebExtension-4_0-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk-4_0-injected-bundles-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk-4_0-injected-bundles-debuginfo-2.28.1-2.50.3\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"webkit2gtk3-debugsource-2.28.1-2.50.3\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSS', value:TRUE);\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"webkit2gtk3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-05T15:35:12", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144 64)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().(CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-09T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : tcpdump (EulerOS-SA-2019-2551)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-16227", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452"], "modified": "2021-01-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2551.NASL", "href": "https://www.tenable.com/plugins/nessus/131825", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131825);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/29\");\n\n script_cve_id(\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-16227\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : tcpdump (EulerOS-SA-2019-2551)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144\n 64)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer\n over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert().(CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before\n 4.9.3 has a buffer overflow in\n tcpdump.c:get_next_file().(CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a\n buffer over-read in print-802_11.c for the Mesh Flags\n subfield.(CVE-2018-16227)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI).(CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack\n consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer\n over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack\n exhaustion in smbutil.c:smb_fdata() via\n recursion.(CVE-2018-16452)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2551\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6997f598\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14879\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.2-3.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-06-28T14:36:06", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625, CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710, CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812, CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835, CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806, CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893, CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\n - webkitgtk: input validation issue may lead to a cross site scripting (CVE-2020-9952)\n\n - webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-04T00:00:00", "type": "nessus", "title": "RHEL 8 : GNOME (RHSA-2020:4451)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8625", "CVE-2019-8710", "CVE-2019-8720", "CVE-2019-8743", "CVE-2019-8764", "CVE-2019-8766", "CVE-2019-8769", "CVE-2019-8771", "CVE-2019-8782", "CVE-2019-8783", "CVE-2019-8808", "CVE-2019-8811", "CVE-2019-8812", "CVE-2019-8813", "CVE-2019-8814", "CVE-2019-8815", "CVE-2019-8816", "CVE-2019-8819", "CVE-2019-8820", "CVE-2019-8823", "CVE-2019-8835", "CVE-2019-8844", "CVE-2019-8846", "CVE-2020-10018", "CVE-2020-11793", "CVE-2020-14391", "CVE-2020-15503", "CVE-2020-3862", "CVE-2020-3864", "CVE-2020-3865", "CVE-2020-3867", "CVE-2020-3868", "CVE-2020-3885", "CVE-2020-3894", "CVE-2020-3895", "CVE-2020-3897", "CVE-2020-3899", "CVE-2020-3900", "CVE-2020-3901", "CVE-2020-3902", "CVE-2020-9802", "CVE-2020-9803", "CVE-2020-9805", "CVE-2020-9806", "CVE-2020-9807", "CVE-2020-9843", "CVE-2020-9850", "CVE-2020-9862", "CVE-2020-9893", "CVE-2020-9894", "CVE-2020-9895", "CVE-2020-9915", "CVE-2020-9925", "CVE-2020-9952", "CVE-2021-30666", "CVE-2021-30761", "CVE-2021-30762"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:libraw", "p-cpe:/a:redhat:enterprise_linux:libraw-devel", "p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc", "p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel"], "id": "REDHAT-RHSA-2020-4451.NASL", "href": "https://www.tenable.com/plugins/nessus/142418", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4451. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142418);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2019-8625\",\n \"CVE-2019-8710\",\n \"CVE-2019-8720\",\n \"CVE-2019-8743\",\n \"CVE-2019-8764\",\n \"CVE-2019-8766\",\n \"CVE-2019-8769\",\n \"CVE-2019-8771\",\n \"CVE-2019-8782\",\n \"CVE-2019-8783\",\n \"CVE-2019-8808\",\n \"CVE-2019-8811\",\n \"CVE-2019-8812\",\n \"CVE-2019-8813\",\n \"CVE-2019-8814\",\n \"CVE-2019-8815\",\n \"CVE-2019-8816\",\n \"CVE-2019-8819\",\n \"CVE-2019-8820\",\n \"CVE-2019-8823\",\n \"CVE-2019-8835\",\n \"CVE-2019-8844\",\n \"CVE-2019-8846\",\n \"CVE-2020-3862\",\n \"CVE-2020-3864\",\n \"CVE-2020-3865\",\n \"CVE-2020-3867\",\n \"CVE-2020-3868\",\n \"CVE-2020-3885\",\n \"CVE-2020-3894\",\n \"CVE-2020-3895\",\n \"CVE-2020-3897\",\n \"CVE-2020-3899\",\n \"CVE-2020-3900\",\n \"CVE-2020-3901\",\n \"CVE-2020-3902\",\n \"CVE-2020-9802\",\n \"CVE-2020-9803\",\n \"CVE-2020-9805\",\n \"CVE-2020-9806\",\n \"CVE-2020-9807\",\n \"CVE-2020-9843\",\n \"CVE-2020-9850\",\n \"CVE-2020-9862\",\n \"CVE-2020-9893\",\n \"CVE-2020-9894\",\n \"CVE-2020-9895\",\n \"CVE-2020-9915\",\n \"CVE-2020-9925\",\n \"CVE-2020-10018\",\n \"CVE-2020-11793\",\n \"CVE-2020-14391\",\n \"CVE-2020-15503\"\n );\n script_xref(name:\"RHSA\", value:\"2020:4451\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/06/13\");\n\n script_name(english:\"RHEL 8 : GNOME (RHSA-2020:4451)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4451 advisory.\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8625,\n CVE-2019-8813, CVE-2020-3867)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8710,\n CVE-2019-8720, CVE-2019-8766, CVE-2019-8782, CVE-2019-8783, CVE-2019-8808, CVE-2019-8811, CVE-2019-8812,\n CVE-2019-8814, CVE-2019-8815, CVE-2019-8816, CVE-2019-8819, CVE-2019-8820, CVE-2019-8823, CVE-2020-3868)\n\n - webkitgtk: Multiple memory corruption issues leading to arbitrary code execution (CVE-2019-8743)\n\n - webkitgtk: Incorrect state management leading to universal cross-site scripting (CVE-2019-8764)\n\n - webkitgtk: Websites could reveal browsing history (CVE-2019-8769)\n\n - webkitgtk: Violation of iframe sandboxing policy (CVE-2019-8771)\n\n - webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution (CVE-2019-8835,\n CVE-2019-8844)\n\n - webkitgtk: Use after free issue may lead to remote code execution (CVE-2019-8846)\n\n - webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp (CVE-2020-10018)\n\n - webkitgtk: use-after-free via crafted web content (CVE-2020-11793)\n\n - gnome-settings-daemon: Red Hat Customer Portal password logged and passed as command line argument when\n user registers through GNOME control center (CVE-2020-14391)\n\n - LibRaw: lack of thumbnail size range check can lead to buffer overflow (CVE-2020-15503)\n\n - webkitgtk: Denial of service via incorrect memory handling (CVE-2020-3862)\n\n - webkitgtk: Non-unique security origin for DOM object contexts (CVE-2020-3864)\n\n - webkitgtk: Incorrect security check for a top-level DOM object context (CVE-2020-3865)\n\n - webkitgtk: Incorrect processing of file URLs (CVE-2020-3885)\n\n - webkitgtk: Race condition allows reading of restricted memory (CVE-2020-3894)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3895)\n\n - webkitgtk: Type confusion leading to arbitrary code execution (CVE-2020-3897, CVE-2020-3901)\n\n - webkitgtk: Memory consumption issue leading to arbitrary code execution (CVE-2020-3899)\n\n - webkitgtk: Memory corruption triggered by a malicious web content (CVE-2020-3900)\n\n - webkitgtk: Input validation issue leading to cross-site script attack (CVE-2020-3902)\n\n - webkitgtk: Logic issue may lead to arbitrary code execution (CVE-2020-9802, CVE-2020-9850)\n\n - webkitgtk: Memory corruption may lead to arbitrary code execution (CVE-2020-9803, CVE-2020-9806,\n CVE-2020-9807)\n\n - webkitgtk: Logic issue may lead to cross site scripting (CVE-2020-9805)\n\n - webkitgtk: Input validation issue may lead to cross site scripting (CVE-2020-9843)\n\n - webkitgtk: Command injection in web inspector (CVE-2020-9862)\n\n - webkitgtk: Use-after-free may lead to application termination or arbitrary code execution (CVE-2020-9893,\n CVE-2020-9895)\n\n - webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution\n (CVE-2020-9894)\n\n - webkitgtk: Access issue in content security policy (CVE-2020-9915)\n\n - webkitgtk: A logic issue may lead to cross site scripting (CVE-2020-9925)\n\n - webkitgtk: input validation issue may lead to a cross site scripting (CVE-2020-9952)\n\n - webkitgtk: Buffer overflow leading to arbitrary code execution (CVE-2021-30666)\n\n - webkitgtk: Memory corruption leading to arbitrary code execution (CVE-2021-30761)\n\n - webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30762)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8625\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8710\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8720\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8743\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8764\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8766\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8769\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8771\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8782\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8783\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8808\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8811\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8813\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8814\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8815\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8816\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8819\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8820\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8823\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8835\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-8846\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3864\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3899\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-3902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9802\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9803\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9805\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9806\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9807\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9850\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9862\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9895\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9915\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9925\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-9952\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-11793\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-14391\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-15503\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30666\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30761\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-30762\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4451\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1811721\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816678\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816684\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1816686\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1829369\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1853477\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1873093\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876472\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876473\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876476\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876522\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876523\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876537\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876548\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876549\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876550\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876552\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876553\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876554\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876556\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876590\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876591\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876594\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876611\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1876619\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879536\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879538\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879540\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879541\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879545\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879557\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879559\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879563\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879564\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879566\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1879568\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1901219\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986877\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1986898\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-3899\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-9895\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Safari in Operator Side Effect Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_cwe_id(20, 77, 79, 119, 120, 125, 284, 400, 416, 522, 841);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:LibRaw\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:LibRaw-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnome-settings-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:webkit2gtk3-jsc-devel\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86

(RHSA-2021:0799) Moderate: OpenShift Virtualization 2.6.0 security and bug fix update

Description

Related