Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
suseSuseOPENSUSE-SU-2019:0185-1
HistoryFeb 14, 2019 - 12:00 a.m.

Security update for rmt-server (moderate)

2019-02-1400:00:00
lists.opensuse.org
147

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.021 Low

EPSS

Percentile

87.9%

JSON

An update that solves three vulnerabilities and has 6 fixes
is now available.

Description:

This update for rmt-server to version 1.1.1 fixes the following issues:

The following issues have been fixed:

  • Fixed migration problems which caused some extensions / modules to be
    dropped (bsc#1118584, bsc#1118579)
  • Fixed listing of mirrored products (bsc#1102193)
  • Include online migration paths into offline migration (bsc#1117106)
  • Sync products that do not have a base product (bsc#1109307)
  • Fixed SLP auto discovery for RMT (bsc#1113760)

Update dependencies for security fixes:

  • CVE-2018-16468: Update loofah to 2.2.3 (bsc#1113969)
  • CVE-2018-16470: Update rack to 2.0.6 (bsc#1114831)
  • CVE-2018-14404: Update nokogiri to 1.8.5 (bsc#1102046)

This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

  • openSUSE Leap 15.0:

    zypper in -t patch openSUSE-2019-185=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.0x86_64< - openSUSE Leap 15.0 (x86_64):- openSUSE Leap 15.0 (x86_64):.x86_64.rpm

Related

nessus 46
openvas 20
veracode 4
osv 9
debiancve 3
prion 3
suse 3
redhatcve 3
fedora 7
cve 3
ubuntucve 3
hackerone 1
github 3
debian 3
freebsd 1
ibm 10
broadcom 1
alpinelinux 1
amazon 3
rubygems 2
photon 3
redhat 6
ubuntu 2
oraclelinux 2
mageia 1
cloudfoundry 1
centos 1
f5 1
altlinux 2
rosalinux 1
kitploit 1
tenable 1
ics 1
nessus
nessus
SUSE SLES15 Security Update : rmt-server (SUSE-SU-2019:0272-1)
2019-02-07 00:00:00
openSUSE Security Update : rmt-server (openSUSE-2019-185)
2019-02-15 00:00:00
Fedora 28 : rubygem-loofah (2018-d716df9942)
2019-01-03 00:00:00
openvas
openvas
openSUSE: Security Advisory for rmt-server (openSUSE-SU-2019:0185-1)
2019-02-15 00:00:00
Fedora Update for rubygem-loofah FEDORA-2018-d5fcbb9ca6
2019-05-07 00:00:00
Debian Security Advisory DSA 4364-1 (ruby-loofah - security update)
2019-01-08 00:00:00
veracode
veracode
Denial Of Service (DoS)
2018-11-07 02:07:19
Cross-site Scripting (XSS)
2018-10-31 03:41:40
Denial Of Service (DoS)
2018-07-19 02:58:01
osv
osv
Rack vulnerable to Denial of Service
2018-11-15 15:58:58
Loofah Cross-site Scripting vulnerability
2018-11-01 14:46:01
CVE-2018-16470
2018-11-13 23:29:00
debiancve
debiancve
CVE-2018-16470
2018-11-13 23:29:00
CVE-2018-16468
2018-10-30 21:29:00
CVE-2018-14404
2018-07-19 13:29:00
prion
prion
Code injection
2018-10-30 21:29:00
Design/Logic Flaw
2018-11-13 23:29:00
Null pointer dereference
2018-07-19 13:29:00
suse
suse
Security update for rubygem-loofah (moderate)
2018-11-30 00:12:22
Security update for libxml2 (moderate)
2018-10-12 12:12:16
Security update for libxml2 (moderate)
2018-10-12 12:10:07
redhatcve
redhatcve
CVE-2018-16470
2020-01-10 15:34:40
CVE-2018-16468
2018-11-05 21:49:58
CVE-2018-14404
2019-10-19 18:58:27
fedora
fedora
[SECURITY] Fedora 28 Update: rubygem-loofah-2.0.3-6.fc28
2018-11-28 02:46:20
[SECURITY] Fedora 27 Update: rubygem-loofah-2.0.3-6.fc27
2018-11-28 02:22:42
[SECURITY] Fedora 29 Update: rubygem-loofah-2.2.3-1.fc29
2018-11-28 02:43:14
cve
cve
CVE-2018-16468
2018-10-30 21:29:00
CVE-2018-16470
2018-11-13 23:29:00
CVE-2018-14404
2018-07-19 13:29:00
ubuntucve
ubuntucve
CVE-2018-16468
2018-10-30 00:00:00
CVE-2018-16470
2018-11-13 00:00:00
CVE-2018-14404
2018-07-19 00:00:00
hackerone
hackerone
Ruby on Rails: Specially constructed multi-part requests cause multi-second response times; vulnerable to DoS
2018-10-31 00:31:56
github
github
Rack vulnerable to Denial of Service
2018-11-15 15:58:58
Loofah Cross-site Scripting vulnerability
2018-11-01 14:46:01
Nokogiri NULL Pointer Dereference
2019-01-17 14:05:03
debian
debian
[SECURITY] [DSA 4364-1] ruby-loofah security update
2019-01-08 22:48:45
[SECURITY] [DLA 1524-1] libxml2 security update
2018-09-27 20:04:03
[SECURITY] [DLA 2369-1] libxml2 security update
2020-09-09 22:41:50
freebsd
freebsd
Loofah -- XSS vulnerability
2018-10-30 00:00:00
ibm
ibm
Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in libxml2 (CVE-2018-14404)
2023-12-07 22:45:03
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in libxml2 (CVE-2018-14404 CVE-2016-9318)
2020-01-09 19:18:07
Security Bulletin: Multiple Vulnerabilities in libxml2 affects IBM Watson Studio Local
2019-12-18 18:01:21
broadcom
broadcom
NULL pointer dereference in libxml2 through 2.9.8
2023-08-01 00:00:00
alpinelinux
alpinelinux
CVE-2018-14404
2018-07-19 13:29:00
amazon
amazon
Medium: libxml2
2018-09-05 19:31:00
Important: libxml2
2020-07-21 16:34:00
Important: libxml2
2020-08-10 22:59:00
rubygems
rubygems
Possible DoS vulnerability in Rack
2018-11-04 21:00:00
Nokogiri gem, via libxml2, is affected by multiple vulnerabilities
2018-10-03 21:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0193
2018-11-06 00:00:00
Critical Photon OS Security Update - PHSA-2018-0193
2018-11-06 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0106
2018-11-02 00:00:00
redhat
redhat
(RHSA-2020:1827) Moderate: libxml2 security update
2020-04-28 09:20:58
(RHSA-2020:1190) Moderate: libxml2 security update
2020-03-31 09:30:25
(RHSA-2019:3172) Moderate: Red Hat Satellite 6 security, bug fix, and enhancement update
2019-10-22 12:34:42
ubuntu
ubuntu
libxml2 vulnerabilities
2018-08-14 00:00:00
libxml2 vulnerabilities
2018-08-14 00:00:00
oraclelinux
oraclelinux
libxml2 security update
2020-05-05 00:00:00
libxml2 security update
2020-04-06 00:00:00
mageia
mageia
Updated libxml2 packages fix security vulnerabilities
2019-01-23 18:50:09
cloudfoundry
cloudfoundry
USN-3739-1: libxml2 vulnerabilities | Cloud Foundry
2018-09-11 00:00:00
centos
centos
libxml2 security update
2020-04-08 18:42:56
f5
f5
K76678525 : libxml2 vulnerabilities CVE-2015-8035 CVE-2016-5131 CVE-2017-15412 CVE-2017-18258 CVE-2018-14404 CVE-2018-14567
2022-02-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libxml2 version 1:2.9.9.0.52.f824-alt1
2019-05-22 00:00:00
Security fix for the ALT Linux 10 package libxml2 version 1:2.9.9.0.52.f824-alt1
2019-05-22 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34
kitploit
kitploit
Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI
2019-11-05 12:00:00
tenable
tenable
[R1] Nessus Network Monitor 6.2.2 Fixes Multiple Vulnerabilities
2023-06-29 10:45:47
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.021 Low

EPSS

Percentile

87.9%

JSON
Related for OPENSUSE-SU-2019:0185-1
nessus46openvas20veracode4osv9debiancve3prion3suse3redhatcve3fedora7cve3ubuntucve3hackerone1github3debian3freebsd1ibm10broadcom1alpinelinux1amazon3rubygems2photon3redhat6ubuntu2oraclelinux2mageia1cloudfoundry1centos1f51altlinux2rosalinux1kitploit1tenable1ics1