diff --git a/CHANGELOG.md b/CHANGELOG.md index 89fda37cfc..a2b62c9a57 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,57 +20,56 @@ All notable changes to the Wazuh app project will be documented in this file. - Upgraded the `axios` dependency to `1.7.4` [#6919](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6919) - Improved MITRE ATT&CK intelligence flyout details readability [#6954](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6954) -## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 05 +## Wazuh v4.9.0 - OpenSearch Dashboards 2.13.0 - Revision 07 ### Added - Support for Wazuh 4.9.0 - Added AngularJS dependencies [#6145](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6145) -- Added a migration task to setup the configuration using a configuration file [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) - Improve fleet management by adding 'Edit Agent Groups' and 'Upgrade Agents' actions, as well as a filter to show only outdated agents [#6250](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6250) [#6476](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6476) [#6274](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6274) [#6501](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6501) [#6529](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6529) [#6648](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6648) - Added propagation of updates from the table to dashboard visualizations in Endpoints summary [#6460](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6460) [#6737](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6737) - Handle index pattern selector on new discover [#6499](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6499) - Added macOS log collector tab [#6545](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6545) -- Add ability to disable the edition of configuration through API endpoints and UI [#6557](https://github.com/wazuh/wazuh-dashboard-plugins/issues/6557) +- Added ability to disable the edition of configuration through API endpoints and UI [#6557](https://github.com/wazuh/wazuh-dashboard-plugins/issues/6557) - Added journald log collector tab [#6572](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6572) - Added HAProxy helper settings to cluster configuration [#6653](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6653) - Added ability to open the report file or Reporting application from the toast message [#6558](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6558) - Added support for agents to Office 365 [#6558](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6558) - Added pinned agent data validation when rendering the Inventory data, Stats and Configuration tabs in Agent preview of Endpoints Summary [#6800](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6800) - Added wz-link component to make redirections [#6848](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6848) -- Add embedded and customized `dom-to-image-more` dependency [#6902](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6902) +- Added embedded and customized `dom-to-image-more` dependency [#6902](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6902) ### Changed -- Removed embedded discover [#6120](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6120) [#6235](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6235) [#6254](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6254) [#6285](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6285) [#6288](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6288) [#6290](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6290) [#6289](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6289) [#6286](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6286) [#6275](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6275) [#6287](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6287) [#6297](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6297) [#6291](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6287) [#6459](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6459) [#6434](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6434) [#6504](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6504) [#6649](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6649) [#6506](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6506) [#6537](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6537) [#6528](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6528) [#6675](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6675) [#6674](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6674) [#6558](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6558) [#6685](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6685) [#6691](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6691) [#6712](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6712) [#6734](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6734) [#6746](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6746) [#6752](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6752) [#6753](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6753) [#6756](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6756) [#6771](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6771) [#6792](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6792) [#6845](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6845) [#6857](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6857) [#6847](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6847) [#6865](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6865) [#6848](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6848) [#6843](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6843) [#6878](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6878) [#6883](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6883) [#6889](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6889) [#6902](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6902) [#6912](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6912) [#6917](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6917) [#6927](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6927) +- Removed legacy embedded discover [#6120](https://github.com/wazuh/wazuh-dashboard-plugins/issues/6120) - Allow editing groups for an agent from Endpoints Summary [#6250](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6250) -- Change how the configuration is managed in the backend side [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) [#6519](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6519) [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) -- Change the view of API is down and check connection to Server APIs application [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) +- Changed how the configuration is managed in the backend side [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) +- Changed the view of API is down and check connection to Server APIs application [#6337](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6337) - Changed the usage of the endpoint GET /groups/{group_id}/files/{file_name} [#6385](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6385) - Refactoring and redesign endpoints summary visualizations [#6268](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6268) [#6832](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6832) -- Move AngularJS settings controller to ReactJS [#6580](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6580) -- Move AngularJS controller and view for manage groups to ReactJS [#6543](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6543) -- Move AngularJS controllers and views of Tools and Dev Tools to ReactJS [#6544](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6544) -- Move the AngularJS controller and template of blank screen to ReactJS component [#6538](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6538) -- Move AngularJS controller for management to ReactJS component [#6555](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6555) -- Move AngularJS controller for overview to ReactJS component [#6594](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6594) +- Moved AngularJS settings controller to ReactJS [#6580](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6580) +- Moved AngularJS controller and view for manage groups to ReactJS [#6543](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6543) +- Moved AngularJS controllers and views of Tools and Dev Tools to ReactJS [#6544](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6544) +- Moved the AngularJS controller and template of blank screen to ReactJS component [#6538](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6538) +- Moved AngularJS controller for management to ReactJS component [#6555](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6555) +- Moved AngularJS controller for overview to ReactJS component [#6594](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6594) - Moved the registry data to in-memory cache [#6481](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6481) -- Enhance the validation for `enrollment.dns` on App Settings application [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) -- Remove some branding references across the application. [#6155](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6155) -- Move AngularJS controller for the agent view to ReactJS [#6618](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6618) -- Implement new data source feature on MITRE ATT&CK module [#6482](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6482) +- Enhanced the validation for `enrollment.dns` on App Settings application [#6573](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6573) +- Moved AngularJS controller for the agent view to ReactJS [#6618](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6618) +- Implemented new data source feature on MITRE ATT&CK module [#6482](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6482) - Upgraded versions of `follow-redirects` and `es5-ext` [#6626](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6626) - Changed agent log collector socket API response controller component [#6660](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6660) -- Improve margins and paddings in the Events, Inventory and Control tabs [#6708](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6708) +- Improved margins and paddings in the Events, Inventory and Control tabs [#6708](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6708) - Refactored the search bar to correctly handle fixed and user-added filters [#6716](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6716) [#6755](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6755) [#6833](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6833) - Generate URL with predefined filters [#6745](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6745) - Migrated AngularJS routing to ReactJS [#6689](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6689) [#6775](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6775) [#6790](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6790) [#6893](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6893) - Improvement of the filter management system by implementing new standard modules [#6534](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6534) [#6772](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6772) [#6873](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6873) - Changed permalink field in the Events tab table in Virustotal to show an external link [#6839](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6839) - Changed the logging system to use the provided by the platform [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) -- Change the internal control from Endpoint Groups to a control via url. [#6890](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6890) -- Change the internal control from Mitre > intelligence > Table to a control via url. [#6882](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6882) +- Changed the internal control from Endpoint Groups to a control via url. [#6890](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6890) +- Changed the internal control from MITRE ATT&CK > intelligence > Table to a control via url. [#6882](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6882) - Changed the display of rule details flyout to be based on URL [#6886](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6886) +- Changed the order of columns on Vulnerabilities Detection > Events table [#6949](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6949) ### Fixed @@ -81,7 +80,7 @@ All notable changes to the Wazuh app project will be documented in this file. - Fixed styles in small height viewports [#6747](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6747) - Fixed behavior in Configuration Assessment when changing API [#6770](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6770) - Fixed the fixed maximum width of the clear session button in the ruleset test view [#6871](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6871) -- Fixed the width of the last modification column of the table in Windows Registry [#6876](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6876) +- Fixed the width of the "last modified" column of the table in Windows Registry [#6876](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6876) - Fixed redirection to FIM > Inventory > Files from FIM > Inventory > Windows Registry when switching to non-Windows agent. [#6880](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6880) ### Removed @@ -94,7 +93,7 @@ All notable changes to the Wazuh app project will be documented in this file. - Removed AngularJS service `config-handler` [#6631](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6631) - Removed legacy discover references and methods [#6646](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6646) - Removed custom EuiSuggestItem component in favor of OUI's native component [#6714](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6714) -- Removed API endpoint unused endpoints from creation of old visualisations: GET /elastic/visualizations/{tab}/{pattern} and GET /elastic/visualizations/{tab}/{pattern} [#6782](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6782) +- Removed API endpoint unused endpoints from creation of old visualizations: GET /elastic/visualizations/{tab}/{pattern} and GET /elastic/visualizations/{tab}/{pattern} [#6782](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6782) - Removed `logs.level` setting [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) - Removed the usage of `wazuhapp-plain.log`, `wazuhapp.log`, `wazuh-ui-plain.log` and `wazuh-ui.log` files [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) - Removed the `App logs` application [#6161](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6161) diff --git a/plugins/main/public/components/overview/overview.tsx b/plugins/main/public/components/overview/overview.tsx index f8f36df351..12476ad0a7 100644 --- a/plugins/main/public/components/overview/overview.tsx +++ b/plugins/main/public/components/overview/overview.tsx @@ -26,6 +26,8 @@ import { } from '../../services/resolves'; import { useRouterSearch } from '../common/hooks'; import NavigationService from '../../react-services/navigation-service'; +import { cloneDeep } from 'lodash'; +import { migrateLegacyQuery } from '../../utils/migrate_legacy_query'; export const Overview: React.FC = withRouteResolvers({ enableMenu, @@ -56,7 +58,7 @@ export const Overview: React.FC = withRouteResolvers({ const appStateFromUrl = osdUrlStateStorage.get('_a') as AppState; let initialAppState = { - ...data.query.queryString.getDefaultQuery(), + query: migrateLegacyQuery(data.query.queryString.getDefaultQuery()), ...appStateFromUrl, }; const appStateContainer = createStateContainer(initialAppState); @@ -80,6 +82,15 @@ export const Overview: React.FC = withRouteResolvers({ stateStorage: osdUrlStateStorage, }); + // sync initial app filters from state to filterManager + // https://github.com/opensearch-project/OpenSearch-Dashboards/blob/2.13.0/src/plugins/dashboard/public/application/utils/use/use_dashboard_app_state.tsx#L84-L86 + data.query.filterManager.setAppFilters( + cloneDeep(appStateContainer.getState().filters), + ); + data.query.queryString.setQuery( + migrateLegacyQuery(appStateContainer.getState().query), + ); + const stopSyncingQueryAppStateWithStateContainer = connectToQueryState( data.query, appStateContainer, diff --git a/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx b/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx index bff59b03bc..d1ee7ce042 100644 --- a/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx +++ b/plugins/main/public/components/overview/vulnerabilities/events/vulnerabilities-columns.tsx @@ -9,9 +9,6 @@ export const vulnerabilitiesColumns: tDataGridColumn[] = [ { id: 'agent.name', }, - { - id: 'data.vulnerability.package.name', - }, { id: 'data.vulnerability.cve', }, @@ -19,9 +16,12 @@ export const vulnerabilitiesColumns: tDataGridColumn[] = [ id: 'data.vulnerability.severity', }, { - id: 'data.vulnerability.status', + id: 'data.vulnerability.package.name', }, { id: 'data.vulnerability.package.version', }, + { + id: 'data.vulnerability.status', + }, ]; diff --git a/plugins/main/public/utils/migrate_legacy_query.ts b/plugins/main/public/utils/migrate_legacy_query.ts new file mode 100644 index 0000000000..d3f9eefcfe --- /dev/null +++ b/plugins/main/public/utils/migrate_legacy_query.ts @@ -0,0 +1,50 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * + * The OpenSearch Contributors require contributions made to + * this file be licensed under the Apache-2.0 license or a + * compatible open source license. + * + * Any modifications Copyright OpenSearch Contributors. See + * GitHub history for details. + */ + +/* + * Licensed to Elasticsearch B.V. under one or more contributor + * license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright + * ownership. Elasticsearch B.V. licenses this file to you under + * the Apache License, Version 2.0 (the "License"); you may + * not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +import { has } from 'lodash'; +import { Query } from 'src/plugins/data/public'; + +/** + * Creates a standardized query object from old queries that were either strings or pure OpenSearch query DSL + * + * @param query - a legacy query, what used to be stored in SearchSource's query property + * @return Object + */ + +export function migrateLegacyQuery( + query: Query | { [key: string]: any } | string, +): Query { + // Lucene was the only option before, so language-less queries are all lucene + if (!has(query, 'language')) { + return { query, language: 'lucene' }; + } + + return query as Query; +} diff --git a/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js b/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js index a35c4c97fa..a0a217e3e4 100644 --- a/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js +++ b/plugins/main/server/lib/generate-alerts/sample-data/vulnerabilities.js @@ -1,67 +1,4003 @@ // Vulnerability export const data = [ - {"rule":{"level":7,"description":"CVE-2017-18018 affects coreutils","id":"23504","firedtimes":1},"data":{"vulnerability":{"package":{"name":"coreutils","version":"8.28-1ubuntu1","architecture":"amd64","condition":"Package less or equal than 8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"high","availability":"none"},"base_score":"4.700000"}},"cve":"CVE-2017-18018","title":"CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.","severity":"Medium","published":"2018-01-04","updated":"2018-01-19","state":"Fixed","cwe_reference":"CWE-362","references":["http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2017-18018","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html","http://www.openwall.com/lists/oss-security/2018/01/04/3","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects imagemagick","id":"23504","firedtimes":2},"data":{"vulnerability":{"package":{"name":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects libmagickcore-6.q16-3","id":"23504","firedtimes":5},"data":{"vulnerability":{"package":{"name":"libmagickcore-6.q16-3","source":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-18684 affects sudo","id":"23504","firedtimes":87},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.21p2-3ubuntu1.2","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"6.900000"}},"cve":"CVE-2019-18684","title":"** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write \"ALL ALL=(ALL) NOPASSWD:ALL\" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.","severity":"Medium","published":"2019-11-04","updated":"2019-11-08","state":"Fixed","cwe_reference":"CWE-362","references":["https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd","https://nvd.nist.gov/vuln/detail/CVE-2019-18684"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20482 affects tar","id":"23504","firedtimes":88},"data":{"vulnerability":{"package":{"name":"tar","version":"1.29b-2ubuntu0.1","architecture":"amd64","condition":"Package less or equal than 1.30"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.700000"}},"cve":"CVE-2018-20482","title":"CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-835","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377","https://bugzilla.redhat.com/show_bug.cgi?id=1662346"],"references":["http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454","http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html","http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html","http://www.securityfocus.com/bid/106354","https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html","https://news.ycombinator.com/item?id=18745431","https://security.gentoo.org/glsa/201903-05","https://twitter.com/thatcks/status/1076166645708668928","https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug","https://nvd.nist.gov/vuln/detail/CVE-2018-20482","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2015-2987 affects ed","id":"23503","firedtimes":9},"data":{"vulnerability":{"package":{"name":"ed","version":"1.10-2.1","architecture":"amd64","condition":"Package less or equal than 3.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.600000"}},"cve":"CVE-2015-2987","title":"Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.","severity":"Low","published":"2015-08-28","updated":"2015-08-31","state":"Fixed","cwe_reference":"CWE-17","references":["http://jvn.jp/en/jp/JVN91474878/index.html","http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119","http://type74.org/edman5-1.php","http://type74org.blog14.fc2.com/blog-entry-1384.html","https://nvd.nist.gov/vuln/detail/CVE-2015-2987"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-8769 affects elfutils","id":"23505","firedtimes":45},"data":{"vulnerability":{"package":{"name":"elfutils","version":"0.170-0.4ubuntu0.1","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-8769","title":"elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.","severity":"High","published":"2018-03-18","updated":"2019-10-03","state":"Pending confirmation","cwe_reference":"CWE-125","references":["https://sourceware.org/bugzilla/show_bug.cgi?id=22976","https://nvd.nist.gov/vuln/detail/CVE-2018-8769"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects libc-bin","id":"23503","firedtimes":12},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects multiarch-support","id":"23503","firedtimes":17},"data":{"vulnerability":{"package":{"name":"multiarch-support","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects libsqlite3-0","id":"23503","firedtimes":18},"data":{"vulnerability":{"package":{"name":"libsqlite3-0","source":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects sqlite3","id":"23503","firedtimes":19},"data":{"vulnerability":{"package":{"name":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects passwd","id":"23503","firedtimes":21},"data":{"vulnerability":{"package":{"name":"passwd","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1003010 affects git","id":"23504","firedtimes":162},"data":{"vulnerability":{"package":{"name":"git","version":"1:2.17.1-1ubuntu0.7","architecture":"amd64","condition":"Package less or equal than 3.9.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"4.300000"}},"cve":"CVE-2019-1003010","title":"A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.","severity":"Medium","published":"2019-02-06","updated":"2019-04-26","state":"Fixed","cwe_reference":"CWE-352","references":["https://access.redhat.com/errata/RHBA-2019:0326","https://access.redhat.com/errata/RHBA-2019:0327","https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095","https://nvd.nist.gov/vuln/detail/CVE-2019-1003010"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-9366 affects screen","id":"23505","firedtimes":77},"data":{"vulnerability":{"package":{"name":"screen","version":"4.6.2-1ubuntu1","architecture":"amd64","condition":"Package less than 4.8.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2020-9366","title":"A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.","severity":"High","published":"2020-02-24","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-120","references":["http://www.openwall.com/lists/oss-security/2020/02/25/1","https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html","https://security.gentoo.org/glsa/202003-62","https://www.openwall.com/lists/oss-security/2020/02/06/3","https://nvd.nist.gov/vuln/detail/CVE-2020-9366"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-15847 affects gcc","id":"23505","firedtimes":86},"data":{"vulnerability":{"package":{"name":"gcc","source":"gcc-defaults","version":"4:7.4.0-1ubuntu2.3","architecture":"amd64","condition":"Package less than 10.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"7.500000"}},"cve":"CVE-2019-15847","title":"CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.","severity":"High","published":"2019-09-02","updated":"2020-05-26","state":"Fixed","cwe_reference":"CWE-331","bugzilla_references":["https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html","https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481","https://nvd.nist.gov/vuln/detail/CVE-2019-15847","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-14988 affects libopenexr22","id":"23504","firedtimes":189},"data":{"vulnerability":{"package":{"name":"libopenexr22","source":"openexr","version":"2.2.0-11.1ubuntu1.2","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-14988","title":"** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.","severity":"Medium","published":"2017-10-03","updated":"2019-09-23","state":"Pending confirmation","cwe_reference":"CWE-400","references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html","https://github.com/openexr/openexr/issues/248","https://nvd.nist.gov/vuln/detail/CVE-2017-14988"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2","id":"23504","firedtimes":190},"data":{"vulnerability":{"package":{"name":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-bin","id":"23504","firedtimes":191},"data":{"vulnerability":{"package":{"name":"apache2-bin","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-data","id":"23504","firedtimes":192},"data":{"vulnerability":{"package":{"name":"apache2-data","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-utils","id":"23504","firedtimes":193},"data":{"vulnerability":{"package":{"name":"apache2-utils","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-client","id":"23504","firedtimes":197},"data":{"vulnerability":{"package":{"name":"openssh-client","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-server","id":"23504","firedtimes":198},"data":{"vulnerability":{"package":{"name":"openssh-server","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17595 affects ncurses-base","id":"23504","firedtimes":222},"data":{"vulnerability":{"package":{"name":"ncurses-base","source":"ncurses","version":"6.1-1ubuntu1.18.04","architecture":"all","condition":"Package less than 6.1.20191012"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"partial"},"base_score":"5.800000"}},"cve":"CVE-2019-17595","title":"CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.","severity":"Medium","published":"2019-10-14","updated":"2019-12-23","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2019-17595","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17543 affects liblz4-1","id":"23504","firedtimes":244},"data":{"vulnerability":{"package":{"name":"liblz4-1","source":"lz4","version":"0.0~r131-2ubuntu2","architecture":"amd64","condition":"Package less than 1.9.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17543","title":"CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"","severity":"Medium","published":"2019-10-14","updated":"2019-10-24","state":"Fixed","cwe_reference":"CWE-120","bugzilla_references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2","https://github.com/lz4/lz4/issues/801","https://github.com/lz4/lz4/pull/756","https://github.com/lz4/lz4/pull/760","https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E","https://nvd.nist.gov/vuln/detail/CVE-2019-17543","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20217 affects libkrb5-3","id":"23504","firedtimes":254},"data":{"vulnerability":{"package":{"name":"libkrb5-3","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"single","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"3.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.300000"}},"cve":"CVE-2018-20217","title":"CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Unfixed","cwe_reference":"CWE-617","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387","http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763"],"references":["http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763","https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086","https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/","https://security.netapp.com/advisory/ntap-20190416-0006/","https://nvd.nist.gov/vuln/detail/CVE-2018-20217","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-14036 affects accountsservice","id":"23504","firedtimes":256},"data":{"vulnerability":{"package":{"name":"accountsservice","version":"0.6.40-2ubuntu11.3","architecture":"amd64","condition":"Package less than 0.6.50"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"single","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"4"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"6.500000"}},"cve":"CVE-2018-14036","title":"CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.","severity":"Medium","published":"2018-07-13","updated":"2018-09-06","state":"Fixed","cwe_reference":"CWE-22","bugzilla_references":["https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699"],"references":["http://www.openwall.com/lists/oss-security/2018/07/02/2","http://www.securityfocus.com/bid/104757","https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699","https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a","https://nvd.nist.gov/vuln/detail/CVE-2018-14036","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-7244 affects libpcre3","id":"23504","firedtimes":265},"data":{"vulnerability":{"package":{"name":"libpcre3","source":"pcre3","version":"2:8.38-3.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-7244","title":"CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.","severity":"Medium","published":"2017-03-23","updated":"2018-08-17","state":"Unfixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683","https://bugs.exim.org/show_bug.cgi?id=2052","https://bugs.exim.org/show_bug.cgi?id=2054"],"references":["http://www.securityfocus.com/bid/97067","https://access.redhat.com/errata/RHSA-2018:2486","https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/","https://security.gentoo.org/glsa/201710-25","https://nvd.nist.gov/vuln/detail/CVE-2017-7244","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-8631 affects grub-legacy-ec2","id":"23503","firedtimes":32},"data":{"vulnerability":{"package":{"name":"grub-legacy-ec2","source":"cloud-init","version":"19.4-33-gbb4131a2-0ubuntu1~16.04.1","architecture":"all","condition":"Package less or equal than 19.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"}},"cve":"CVE-2020-8631","title":"CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.","severity":"Low","published":"2020-02-05","updated":"2020-02-21","state":"Fixed","cwe_reference":"CWE-330","references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html","https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795","https://github.com/canonical/cloud-init/pull/204","https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html","https://nvd.nist.gov/vuln/detail/CVE-2020-8631","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-20079 affects vim","id":"23505","firedtimes":109},"data":{"vulnerability":{"package":{"name":"vim","version":"2:7.4.1689-3ubuntu1.4","architecture":"amd64","condition":"Package less than 8.1.2136"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2019-20079","title":"The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.","severity":"High","published":"2019-12-30","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-416","references":["https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421","https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136","https://packetstormsecurity.com/files/154898","https://usn.ubuntu.com/4309-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-20079"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-4484 affects cryptsetup","id":"23504","firedtimes":290},"data":{"vulnerability":{"package":{"name":"cryptsetup","version":"2:1.6.6-5ubuntu2.1","architecture":"amd64","condition":"Package less or equal than 2.1.7.3-2"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.800000"}},"cve":"CVE-2016-4484","title":"CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.","severity":"Medium","published":"2017-01-23","updated":"2017-01-26","state":"Fixed","cwe_reference":"CWE-287","bugzilla_references":["https://launchpad.net/bugs/1660701"],"references":["http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html","http://www.openwall.com/lists/oss-security/2016/11/14/13","http://www.openwall.com/lists/oss-security/2016/11/15/1","http://www.openwall.com/lists/oss-security/2016/11/15/4","http://www.openwall.com/lists/oss-security/2016/11/16/6","http://www.securityfocus.com/bid/94315","https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb","https://nvd.nist.gov/vuln/detail/CVE-2016-4484","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-13050 affects gnupg","id":"23505","firedtimes":114},"data":{"vulnerability":{"package":{"name":"gnupg","version":"1.4.20-1ubuntu3.3","architecture":"amd64","condition":"Package less or equal than 2.2.16"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"7.500000"}},"cve":"CVE-2019-13050","title":"CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.","severity":"High","published":"2019-06-29","updated":"2019-07-09","state":"Fixed","cwe_reference":"CWE-297","bugzilla_references":["https://bugs.launchpad.net/bugs/1844059","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050","https://dev.gnupg.org/T4591","https://dev.gnupg.org/T4607","https://dev.gnupg.org/T4628"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html","https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/","https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html","https://support.f5.com/csp/article/K08654551","https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS","https://twitter.com/lambdafu/status/1147162583969009664","https://nvd.nist.gov/vuln/detail/CVE-2019-13050","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects mount","id":"23505","firedtimes":128},"data":{"vulnerability":{"package":{"name":"mount","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects util-linux","id":"23505","firedtimes":129},"data":{"vulnerability":{"package":{"name":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects uuid-runtime","id":"23505","firedtimes":130},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1547 affects libssl1.0.0","id":"23503","firedtimes":35},"data":{"vulnerability":{"package":{"name":"libssl1.0.0","source":"openssl","version":"1.0.2g-1ubuntu4.15","architecture":"amd64","condition":"Package greater or equal than 1.0.2 and less or equal than 1.0.2s"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"1.900000"}},"cve":"CVE-2019-1547","title":"CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-09-10","updated":"2019-09-12","state":"Fixed","cwe_reference":"CWE-311","references":["http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html","http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html","http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html","https://arxiv.org/abs/1909.01785","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a","https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/","https://seclists.org/bugtraq/2019/Oct/0","https://seclists.org/bugtraq/2019/Oct/1","https://seclists.org/bugtraq/2019/Sep/25","https://security.gentoo.org/glsa/201911-04","https://security.netapp.com/advisory/ntap-20190919-0002/","https://security.netapp.com/advisory/ntap-20200122-0002/","https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS","https://www.debian.org/security/2019/dsa-4539","https://www.debian.org/security/2019/dsa-4540","https://www.openssl.org/news/secadv/20190910.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1547","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547","https://usn.ubuntu.com/usn/usn-4376-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-3843 affects systemd","id":"23505","firedtimes":134},"data":{"vulnerability":{"package":{"name":"systemd","version":"229-4ubuntu21.27","architecture":"amd64","condition":"Package less than 242"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"4.600000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2019-3843","title":"It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.","severity":"High","published":"2019-04-26","updated":"2019-06-19","state":"Fixed","cwe_reference":"CWE-264","references":["http://www.securityfocus.com/bid/108116","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/","https://security.netapp.com/advisory/ntap-20190619-0002/","https://usn.ubuntu.com/4269-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-3843"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-11727 affects thunderbird","id":"23504","firedtimes":312},"data":{"vulnerability":{"package":{"name":"thunderbird","version":"1:68.8.0+build2-0ubuntu0.16.04.2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2019-11727","title":"CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.","severity":"Medium","published":"2019-07-23","updated":"2019-07-30","state":"Unfixed","cwe_reference":"CWE-295","bugzilla_references":["https://bugzilla.mozilla.org/show_bug.cgi?id=1552208"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html","https://access.redhat.com/errata/RHSA-2019:1951","https://bugzilla.mozilla.org/show_bug.cgi?id=1552208","https://security.gentoo.org/glsa/201908-12","https://www.mozilla.org/security/advisories/mfsa2019-21/","https://nvd.nist.gov/vuln/detail/CVE-2019-11727","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727","https://usn.ubuntu.com/usn/usn-4054-1","https://usn.ubuntu.com/usn/usn-4060-1","https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-18276 affects bash","id":"23505","firedtimes":158},"data":{"vulnerability":{"package":{"name":"bash","version":"4.3-14ubuntu1.4","architecture":"amd64","condition":"Package less or equal than 5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"}},"cve":"CVE-2019-18276","title":"CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.","severity":"High","published":"2019-11-28","updated":"2020-04-30","state":"Fixed","cwe_reference":"CWE-273","bugzilla_references":["https://bugzilla.suse.com/show_bug.cgi?id=1158028"],"references":["http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html","https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff","https://security.netapp.com/advisory/ntap-20200430-0003/","https://www.youtube.com/watch?v=-wGtxJ8opa8","https://nvd.nist.gov/vuln/detail/CVE-2019-18276","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-9502 affects curl","id":"23504","firedtimes":334},"data":{"vulnerability":{"package":{"name":"curl","version":"7.47.0-1ubuntu2.14","architecture":"amd64","condition":"Package less or equal than 7.54.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"low"},"base_score":"5.300000"}},"cve":"CVE-2017-9502","title":"In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given \"URL\" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string \"file://\").","severity":"Medium","published":"2017-06-14","updated":"2017-07-08","state":"Fixed","cwe_reference":"CWE-119","references":["http://openwall.com/lists/oss-security/2017/06/14/1","http://www.securityfocus.com/bid/99120","http://www.securitytracker.com/id/1038697","https://curl.haxx.se/docs/adv_20170614.html","https://nvd.nist.gov/vuln/detail/CVE-2017-9502"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-20483 affects wget","id":"23505","firedtimes":175},"data":{"vulnerability":{"package":{"name":"wget","version":"1.17.1-1ubuntu1.5","architecture":"amd64","condition":"Package less than 1.20.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-20483","title":"set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.","severity":"High","published":"2018-12-26","updated":"2019-04-09","state":"Fixed","cwe_reference":"CWE-255","references":["http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS","http://www.securityfocus.com/bid/106358","https://access.redhat.com/errata/RHSA-2019:3701","https://security.gentoo.org/glsa/201903-08","https://security.netapp.com/advisory/ntap-20190321-0002/","https://twitter.com/marcan42/status/1077676739877232640","https://usn.ubuntu.com/3943-1/","https://nvd.nist.gov/vuln/detail/CVE-2018-20483"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1010204 affects binutils","id":"23504","firedtimes":369},"data":{"vulnerability":{"package":{"name":"binutils","version":"2.26.1-1ubuntu1~16.04.8","architecture":"amd64","condition":"Package greater or equal than 2.21 and less or equal than 2.31.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2019-1010204","title":"CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.","severity":"Medium","published":"2019-07-23","updated":"2019-08-22","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://sourceware.org/bugzilla/show_bug.cgi?id=23765"],"references":["https://security.netapp.com/advisory/ntap-20190822-0001/","https://sourceware.org/bugzilla/show_bug.cgi?id=23765","https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS","https://nvd.nist.gov/vuln/detail/CVE-2019-1010204","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-14855 affects dirmngr","id":"23504","firedtimes":382},"data":{"vulnerability":{"package":{"name":"dirmngr","source":"gnupg2","version":"2.1.11-6ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-14855","title":"CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.","severity":"Medium","published":"2020-03-20","updated":"2020-03-24","state":"Unfixed","cwe_reference":"CWE-327","bugzilla_references":["https://dev.gnupg.org/T4755"],"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855","https://dev.gnupg.org/T4755","https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html","https://rwc.iacr.org/2020/slides/Leurent.pdf","https://nvd.nist.gov/vuln/detail/CVE-2019-14855","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855","https://eprint.iacr.org/2020/014.pdf"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-5011 affects uuid-runtime","id":"23504","firedtimes":395},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"complete"},"base_score":"4.700000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.300000"}},"cve":"CVE-2016-5011","title":"CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.","severity":"Medium","published":"2017-04-11","updated":"2017-04-17","state":"Unfixed","cwe_reference":"CWE-399","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802","https://bugzilla.redhat.com/show_bug.cgi?id=1349536"],"references":["http://rhn.redhat.com/errata/RHSA-2016-2605.html","http://www.openwall.com/lists/oss-security/2016/07/11/2","http://www.securityfocus.com/bid/91683","http://www.securitytracker.com/id/1036272","http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543","http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801","https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3","https://nvd.nist.gov/vuln/detail/CVE-2016-5011","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2015-5191 affects open-vm-tools","id":"23504","firedtimes":396},"data":{"vulnerability":{"package":{"name":"open-vm-tools","version":"2:10.2.0-3~ubuntu0.16.04.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.700000"}},"cve":"CVE-2015-5191","title":"CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","severity":"Medium","published":"2017-07-28","updated":"2017-08-08","state":"Unfixed","cwe_reference":"CWE-362","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633"],"references":["http://www.securityfocus.com/bid/100011","http://www.securitytracker.com/id/1039013","https://www.vmware.com/security/advisories/VMSA-2017-0013.html","https://nvd.nist.gov/vuln/detail/CVE-2015-5191","http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-8975 affects netpbm","id":"23504","firedtimes":397},"data":{"vulnerability":{"package":{"name":"netpbm","source":"netpbm-free","version":"2:10.0-15.3","architecture":"amd64","condition":"Package less or equal than 10.81.03"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2018-8975","title":"The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.","severity":"Medium","published":"2018-03-25","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-125","references":["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html","https://github.com/xiaoqx/pocs/blob/master/netpbm","https://nvd.nist.gov/vuln/detail/CVE-2018-8975"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-19232 affects sudo","id":"23504","firedtimes":398},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.16-0ubuntu1.9","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-19232","title":"CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.","severity":"Medium","published":"2019-12-19","updated":"2020-01-30","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225"],"references":["http://seclists.org/fulldisclosure/2020/Mar/31","https://access.redhat.com/security/cve/cve-2019-19232","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870","https://security.netapp.com/advisory/ntap-20200103-0004/","https://support.apple.com/en-gb/HT211100","https://support.apple.com/kb/HT211100","https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232","https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506","https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html","https://www.oracle.com/security-alerts/bulletinapr2020.html","https://www.sudo.ws/devel.html#1.8.30b2","https://www.sudo.ws/stable.html","https://www.tenable.com/plugins/nessus/133936","https://nvd.nist.gov/vuln/detail/CVE-2019-19232","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-12588 affects rsyslog","id":"23506","firedtimes":64},"data":{"vulnerability":{"package":{"name":"rsyslog","version":"8.16.0-1ubuntu3.1","architecture":"amd64","condition":"Package less or equal than 8.27.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-12588","title":"The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.","severity":"Critical","published":"2017-08-06","updated":"2017-08-14","state":"Fixed","cwe_reference":"CWE-134","references":["https://github.com/rsyslog/rsyslog/blob/master/ChangeLog","https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b","https://github.com/rsyslog/rsyslog/pull/1565","https://nvd.nist.gov/vuln/detail/CVE-2017-12588"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-18342 affects python3-yaml","id":"23506","firedtimes":65},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.11-3build1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-18342","title":"CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.","severity":"Critical","published":"2018-06-27","updated":"2019-06-24","state":"Unfixed","cwe_reference":"CWE-20","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878"],"references":["https://github.com/marshmallow-code/apispec/issues/278","https://github.com/yaml/pyyaml/blob/master/CHANGES","https://github.com/yaml/pyyaml/issues/193","https://github.com/yaml/pyyaml/pull/74","https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/","https://security.gentoo.org/glsa/202003-45","https://nvd.nist.gov/vuln/detail/CVE-2017-18342","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15994 affects rsync","id":"23506","firedtimes":66},"data":{"vulnerability":{"package":{"name":"rsync","version":"3.1.1-3ubuntu1.3","architecture":"amd64","condition":"Package less or equal than 3.1.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15994","title":"rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.","severity":"Critical","published":"2017-10-29","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-354","references":["https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3","https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55","https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b","https://nvd.nist.gov/vuln/detail/CVE-2017-15994"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2019-9169 affects libc6","id":"23506","firedtimes":68},"data":{"vulnerability":{"package":{"name":"libc6","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2019-9169","title":"CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.","severity":"Critical","published":"2019-02-26","updated":"2019-04-16","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://sourceware.org/bugzilla/show_bug.cgi?id=24114"],"references":["http://www.securityfocus.com/bid/107160","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://kc.mcafee.com/corporate/index?page=content&id=SB10278","https://security.netapp.com/advisory/ntap-20190315-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=24114","https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9","https://support.f5.com/csp/article/K54823184","https://nvd.nist.gov/vuln/detail/CVE-2019-9169","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15088 affects krb5-locales","id":"23506","firedtimes":73},"data":{"vulnerability":{"package":{"name":"krb5-locales","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15088","title":"CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.","severity":"Critical","published":"2017-11-23","updated":"2019-10-09","state":"Unfixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698"],"references":["http://www.securityfocus.com/bid/101594","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698","https://bugzilla.redhat.com/show_bug.cgi?id=1504045","https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4","https://github.com/krb5/krb5/pull/707","https://nvd.nist.gov/vuln/detail/CVE-2017-15088","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2018-6485 affects libc-bin","id":"23506","firedtimes":78},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.26"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2018-6485","title":"CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.","severity":"Critical","published":"2018-02-01","updated":"2019-12-10","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["http://bugs.debian.org/878159","https://sourceware.org/bugzilla/show_bug.cgi?id=22343"],"references":["http://bugs.debian.org/878159","http://www.securityfocus.com/bid/102912","https://access.redhat.com/errata/RHBA-2019:0327","https://access.redhat.com/errata/RHSA-2018:3092","https://security.netapp.com/advisory/ntap-20190404-0003/","https://sourceware.org/bugzilla/show_bug.cgi?id=22343","https://usn.ubuntu.com/4218-1/","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://nvd.nist.gov/vuln/detail/CVE-2018-6485","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485","https://usn.ubuntu.com/usn/usn-4218-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7944 affects libxfixes3","id":"23506","firedtimes":82},"data":{"vulnerability":{"package":{"name":"libxfixes3","source":"libxfixes","version":"1:5.0.1-2","architecture":"amd64","condition":"Package less or equal than 5.0.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7944","title":"CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442"],"references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93361","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7944","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7947 affects libxrandr2","id":"23506","firedtimes":83},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7947","title":"CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93365","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7947","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7948 affects libxrandr2","id":"23506","firedtimes":84},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7948","title":"CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93373","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7948","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, + { + rule: { + level: 7, + description: 'CVE-2017-18018 affects coreutils', + id: '23504', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'coreutils', + version: '8.28-1ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'high', + availability: 'none', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2017-18018', + title: 'CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.', + severity: 'Medium', + published: '2018-01-04', + updated: '2018-01-19', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18018', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html', + 'http://www.openwall.com/lists/oss-security/2018/01/04/3', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects imagemagick', + id: '23504', + firedtimes: 2, + }, + data: { + vulnerability: { + package: { + name: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects libmagickcore-6.q16-3', + id: '23504', + firedtimes: 5, + }, + data: { + vulnerability: { + package: { + name: 'libmagickcore-6.q16-3', + source: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-18684 affects sudo', + id: '23504', + firedtimes: 87, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.21p2-3ubuntu1.2', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '6.900000', + }, + }, + cve: 'CVE-2019-18684', + title: + '** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.', + severity: 'Medium', + published: '2019-11-04', + updated: '2019-11-08', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18684', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20482 affects tar', + id: '23504', + firedtimes: 88, + }, + data: { + vulnerability: { + package: { + name: 'tar', + version: '1.29b-2ubuntu0.1', + architecture: 'amd64', + condition: 'Package less or equal than 1.30', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2018-20482', + title: 'CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).", + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-835', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1662346', + ], + references: [ + 'http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454', + 'http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html', + 'http://www.securityfocus.com/bid/106354', + 'https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html', + 'https://news.ycombinator.com/item?id=18745431', + 'https://security.gentoo.org/glsa/201903-05', + 'https://twitter.com/thatcks/status/1076166645708668928', + 'https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20482', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2015-2987 affects ed', + id: '23503', + firedtimes: 9, + }, + data: { + vulnerability: { + package: { + name: 'ed', + version: '1.10-2.1', + architecture: 'amd64', + condition: 'Package less or equal than 3.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.600000', + }, + }, + cve: 'CVE-2015-2987', + title: + 'Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.', + severity: 'Low', + published: '2015-08-28', + updated: '2015-08-31', + state: 'Fixed', + cwe_reference: 'CWE-17', + references: [ + 'http://jvn.jp/en/jp/JVN91474878/index.html', + 'http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119', + 'http://type74.org/edman5-1.php', + 'http://type74org.blog14.fc2.com/blog-entry-1384.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-2987', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-8769 affects elfutils', + id: '23505', + firedtimes: 45, + }, + data: { + vulnerability: { + package: { + name: 'elfutils', + version: '0.170-0.4ubuntu0.1', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-8769', + title: + 'elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.', + severity: 'High', + published: '2018-03-18', + updated: '2019-10-03', + state: 'Pending confirmation', + cwe_reference: 'CWE-125', + references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22976', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8769', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects libc-bin', + id: '23503', + firedtimes: 12, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects multiarch-support', + id: '23503', + firedtimes: 17, + }, + data: { + vulnerability: { + package: { + name: 'multiarch-support', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects libsqlite3-0', + id: '23503', + firedtimes: 18, + }, + data: { + vulnerability: { + package: { + name: 'libsqlite3-0', + source: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects sqlite3', + id: '23503', + firedtimes: 19, + }, + data: { + vulnerability: { + package: { + name: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects passwd', + id: '23503', + firedtimes: 21, + }, + data: { + vulnerability: { + package: { + name: 'passwd', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1003010 affects git', + id: '23504', + firedtimes: 162, + }, + data: { + vulnerability: { + package: { + name: 'git', + version: '1:2.17.1-1ubuntu0.7', + architecture: 'amd64', + condition: 'Package less or equal than 3.9.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2019-1003010', + title: + 'A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.', + severity: 'Medium', + published: '2019-02-06', + updated: '2019-04-26', + state: 'Fixed', + cwe_reference: 'CWE-352', + references: [ + 'https://access.redhat.com/errata/RHBA-2019:0326', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1003010', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-9366 affects screen', + id: '23505', + firedtimes: 77, + }, + data: { + vulnerability: { + package: { + name: 'screen', + version: '4.6.2-1ubuntu1', + architecture: 'amd64', + condition: 'Package less than 4.8.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2020-9366', + title: + 'A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.', + severity: 'High', + published: '2020-02-24', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'http://www.openwall.com/lists/oss-security/2020/02/25/1', + 'https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html', + 'https://security.gentoo.org/glsa/202003-62', + 'https://www.openwall.com/lists/oss-security/2020/02/06/3', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-9366', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-15847 affects gcc', + id: '23505', + firedtimes: 86, + }, + data: { + vulnerability: { + package: { + name: 'gcc', + source: 'gcc-defaults', + version: '4:7.4.0-1ubuntu2.3', + architecture: 'amd64', + condition: 'Package less than 10.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-15847', + title: 'CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.', + severity: 'High', + published: '2019-09-02', + updated: '2020-05-26', + state: 'Fixed', + cwe_reference: 'CWE-331', + bugzilla_references: [ + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html', + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-15847', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-14988 affects libopenexr22', + id: '23504', + firedtimes: 189, + }, + data: { + vulnerability: { + package: { + name: 'libopenexr22', + source: 'openexr', + version: '2.2.0-11.1ubuntu1.2', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-14988', + title: + "** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.", + severity: 'Medium', + published: '2017-10-03', + updated: '2019-09-23', + state: 'Pending confirmation', + cwe_reference: 'CWE-400', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html', + 'https://github.com/openexr/openexr/issues/248', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-14988', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2', + id: '23504', + firedtimes: 190, + }, + data: { + vulnerability: { + package: { + name: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-bin', + id: '23504', + firedtimes: 191, + }, + data: { + vulnerability: { + package: { + name: 'apache2-bin', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-data', + id: '23504', + firedtimes: 192, + }, + data: { + vulnerability: { + package: { + name: 'apache2-data', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-utils', + id: '23504', + firedtimes: 193, + }, + data: { + vulnerability: { + package: { + name: 'apache2-utils', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-client', + id: '23504', + firedtimes: 197, + }, + data: { + vulnerability: { + package: { + name: 'openssh-client', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-server', + id: '23504', + firedtimes: 198, + }, + data: { + vulnerability: { + package: { + name: 'openssh-server', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17595 affects ncurses-base', + id: '23504', + firedtimes: 222, + }, + data: { + vulnerability: { + package: { + name: 'ncurses-base', + source: 'ncurses', + version: '6.1-1ubuntu1.18.04', + architecture: 'all', + condition: 'Package less than 6.1.20191012', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2019-17595', + title: 'CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-12-23', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17595', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17543 affects liblz4-1', + id: '23504', + firedtimes: 244, + }, + data: { + vulnerability: { + package: { + name: 'liblz4-1', + source: 'lz4', + version: '0.0~r131-2ubuntu2', + architecture: 'amd64', + condition: 'Package less than 1.9.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17543', + title: 'CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-24', + state: 'Fixed', + cwe_reference: 'CWE-120', + bugzilla_references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html', + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2', + 'https://github.com/lz4/lz4/issues/801', + 'https://github.com/lz4/lz4/pull/756', + 'https://github.com/lz4/lz4/pull/760', + 'https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17543', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20217 affects libkrb5-3', + id: '23504', + firedtimes: 254, + }, + data: { + vulnerability: { + package: { + name: 'libkrb5-3', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'single', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '3.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-20217', + title: 'CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.', + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Unfixed', + cwe_reference: 'CWE-617', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387', + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + ], + references: [ + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + 'https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086', + 'https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/', + 'https://security.netapp.com/advisory/ntap-20190416-0006/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20217', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-14036 affects accountsservice', + id: '23504', + firedtimes: 256, + }, + data: { + vulnerability: { + package: { + name: 'accountsservice', + version: '0.6.40-2ubuntu11.3', + architecture: 'amd64', + condition: 'Package less than 0.6.50', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'single', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '4', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '6.500000', + }, + }, + cve: 'CVE-2018-14036', + title: 'CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.', + severity: 'Medium', + published: '2018-07-13', + updated: '2018-09-06', + state: 'Fixed', + cwe_reference: 'CWE-22', + bugzilla_references: [ + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2018/07/02/2', + 'http://www.securityfocus.com/bid/104757', + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + 'https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-14036', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-7244 affects libpcre3', + id: '23504', + firedtimes: 265, + }, + data: { + vulnerability: { + package: { + name: 'libpcre3', + source: 'pcre3', + version: '2:8.38-3.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-7244', + title: 'CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.', + severity: 'Medium', + published: '2017-03-23', + updated: '2018-08-17', + state: 'Unfixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683', + 'https://bugs.exim.org/show_bug.cgi?id=2052', + 'https://bugs.exim.org/show_bug.cgi?id=2054', + ], + references: [ + 'http://www.securityfocus.com/bid/97067', + 'https://access.redhat.com/errata/RHSA-2018:2486', + 'https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/', + 'https://security.gentoo.org/glsa/201710-25', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-7244', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-8631 affects grub-legacy-ec2', + id: '23503', + firedtimes: 32, + }, + data: { + vulnerability: { + package: { + name: 'grub-legacy-ec2', + source: 'cloud-init', + version: '19.4-33-gbb4131a2-0ubuntu1~16.04.1', + architecture: 'all', + condition: 'Package less or equal than 19.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2020-8631', + title: 'CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.', + severity: 'Low', + published: '2020-02-05', + updated: '2020-02-21', + state: 'Fixed', + cwe_reference: 'CWE-330', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html', + 'https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795', + 'https://github.com/canonical/cloud-init/pull/204', + 'https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-8631', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-20079 affects vim', + id: '23505', + firedtimes: 109, + }, + data: { + vulnerability: { + package: { + name: 'vim', + version: '2:7.4.1689-3ubuntu1.4', + architecture: 'amd64', + condition: 'Package less than 8.1.2136', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-20079', + title: + 'The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.', + severity: 'High', + published: '2019-12-30', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421', + 'https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136', + 'https://packetstormsecurity.com/files/154898', + 'https://usn.ubuntu.com/4309-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-20079', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-4484 affects cryptsetup', + id: '23504', + firedtimes: 290, + }, + data: { + vulnerability: { + package: { + name: 'cryptsetup', + version: '2:1.6.6-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package less or equal than 2.1.7.3-2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2016-4484', + title: 'CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.', + severity: 'Medium', + published: '2017-01-23', + updated: '2017-01-26', + state: 'Fixed', + cwe_reference: 'CWE-287', + bugzilla_references: ['https://launchpad.net/bugs/1660701'], + references: [ + 'http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html', + 'http://www.openwall.com/lists/oss-security/2016/11/14/13', + 'http://www.openwall.com/lists/oss-security/2016/11/15/1', + 'http://www.openwall.com/lists/oss-security/2016/11/15/4', + 'http://www.openwall.com/lists/oss-security/2016/11/16/6', + 'http://www.securityfocus.com/bid/94315', + 'https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-4484', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-13050 affects gnupg', + id: '23505', + firedtimes: 114, + }, + data: { + vulnerability: { + package: { + name: 'gnupg', + version: '1.4.20-1ubuntu3.3', + architecture: 'amd64', + condition: 'Package less or equal than 2.2.16', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-13050', + title: 'CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.', + severity: 'High', + published: '2019-06-29', + updated: '2019-07-09', + state: 'Fixed', + cwe_reference: 'CWE-297', + bugzilla_references: [ + 'https://bugs.launchpad.net/bugs/1844059', + 'https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050', + 'https://dev.gnupg.org/T4591', + 'https://dev.gnupg.org/T4607', + 'https://dev.gnupg.org/T4628', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html', + 'https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html', + 'https://support.f5.com/csp/article/K08654551', + 'https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS', + 'https://twitter.com/lambdafu/status/1147162583969009664', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-13050', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects mount', + id: '23505', + firedtimes: 128, + }, + data: { + vulnerability: { + package: { + name: 'mount', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects util-linux', + id: '23505', + firedtimes: 129, + }, + data: { + vulnerability: { + package: { + name: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects uuid-runtime', + id: '23505', + firedtimes: 130, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1547 affects libssl1.0.0', + id: '23503', + firedtimes: 35, + }, + data: { + vulnerability: { + package: { + name: 'libssl1.0.0', + source: 'openssl', + version: '1.0.2g-1ubuntu4.15', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.0.2 and less or equal than 1.0.2s', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '1.900000', + }, + }, + cve: 'CVE-2019-1547', + title: 'CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).', + severity: 'Low', + published: '2019-09-10', + updated: '2019-09-12', + state: 'Fixed', + cwe_reference: 'CWE-311', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html', + 'http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html', + 'https://arxiv.org/abs/1909.01785', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a', + 'https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/', + 'https://seclists.org/bugtraq/2019/Oct/0', + 'https://seclists.org/bugtraq/2019/Oct/1', + 'https://seclists.org/bugtraq/2019/Sep/25', + 'https://security.gentoo.org/glsa/201911-04', + 'https://security.netapp.com/advisory/ntap-20190919-0002/', + 'https://security.netapp.com/advisory/ntap-20200122-0002/', + 'https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS', + 'https://www.debian.org/security/2019/dsa-4539', + 'https://www.debian.org/security/2019/dsa-4540', + 'https://www.openssl.org/news/secadv/20190910.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1547', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547', + 'https://usn.ubuntu.com/usn/usn-4376-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-3843 affects systemd', + id: '23505', + firedtimes: 134, + }, + data: { + vulnerability: { + package: { + name: 'systemd', + version: '229-4ubuntu21.27', + architecture: 'amd64', + condition: 'Package less than 242', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '4.600000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2019-3843', + title: + 'It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.', + severity: 'High', + published: '2019-04-26', + updated: '2019-06-19', + state: 'Fixed', + cwe_reference: 'CWE-264', + references: [ + 'http://www.securityfocus.com/bid/108116', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/', + 'https://security.netapp.com/advisory/ntap-20190619-0002/', + 'https://usn.ubuntu.com/4269-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-3843', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-11727 affects thunderbird', + id: '23504', + firedtimes: 312, + }, + data: { + vulnerability: { + package: { + name: 'thunderbird', + version: '1:68.8.0+build2-0ubuntu0.16.04.2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2019-11727', + title: 'CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-07-30', + state: 'Unfixed', + cwe_reference: 'CWE-295', + bugzilla_references: [ + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html', + 'https://access.redhat.com/errata/RHSA-2019:1951', + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + 'https://security.gentoo.org/glsa/201908-12', + 'https://www.mozilla.org/security/advisories/mfsa2019-21/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-11727', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727', + 'https://usn.ubuntu.com/usn/usn-4054-1', + 'https://usn.ubuntu.com/usn/usn-4060-1', + 'https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-18276 affects bash', + id: '23505', + firedtimes: 158, + }, + data: { + vulnerability: { + package: { + name: 'bash', + version: '4.3-14ubuntu1.4', + architecture: 'amd64', + condition: 'Package less or equal than 5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + }, + cve: 'CVE-2019-18276', + title: 'CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.', + severity: 'High', + published: '2019-11-28', + updated: '2020-04-30', + state: 'Fixed', + cwe_reference: 'CWE-273', + bugzilla_references: [ + 'https://bugzilla.suse.com/show_bug.cgi?id=1158028', + ], + references: [ + 'http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html', + 'https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff', + 'https://security.netapp.com/advisory/ntap-20200430-0003/', + 'https://www.youtube.com/watch?v=-wGtxJ8opa8', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18276', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-9502 affects curl', + id: '23504', + firedtimes: 334, + }, + data: { + vulnerability: { + package: { + name: 'curl', + version: '7.47.0-1ubuntu2.14', + architecture: 'amd64', + condition: 'Package less or equal than 7.54.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'low', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2017-9502', + title: + 'In curl before 7.54.1 on Windows and DOS, libcurl\'s default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given "URL" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string "file://").', + severity: 'Medium', + published: '2017-06-14', + updated: '2017-07-08', + state: 'Fixed', + cwe_reference: 'CWE-119', + references: [ + 'http://openwall.com/lists/oss-security/2017/06/14/1', + 'http://www.securityfocus.com/bid/99120', + 'http://www.securitytracker.com/id/1038697', + 'https://curl.haxx.se/docs/adv_20170614.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-9502', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-20483 affects wget', + id: '23505', + firedtimes: 175, + }, + data: { + vulnerability: { + package: { + name: 'wget', + version: '1.17.1-1ubuntu1.5', + architecture: 'amd64', + condition: 'Package less than 1.20.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-20483', + title: + "set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.", + severity: 'High', + published: '2018-12-26', + updated: '2019-04-09', + state: 'Fixed', + cwe_reference: 'CWE-255', + references: [ + 'http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS', + 'http://www.securityfocus.com/bid/106358', + 'https://access.redhat.com/errata/RHSA-2019:3701', + 'https://security.gentoo.org/glsa/201903-08', + 'https://security.netapp.com/advisory/ntap-20190321-0002/', + 'https://twitter.com/marcan42/status/1077676739877232640', + 'https://usn.ubuntu.com/3943-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20483', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1010204 affects binutils', + id: '23504', + firedtimes: 369, + }, + data: { + vulnerability: { + package: { + name: 'binutils', + version: '2.26.1-1ubuntu1~16.04.8', + architecture: 'amd64', + condition: + 'Package greater or equal than 2.21 and less or equal than 2.31.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2019-1010204', + title: 'CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-08-22', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + ], + references: [ + 'https://security.netapp.com/advisory/ntap-20190822-0001/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + 'https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1010204', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-14855 affects dirmngr', + id: '23504', + firedtimes: 382, + }, + data: { + vulnerability: { + package: { + name: 'dirmngr', + source: 'gnupg2', + version: '2.1.11-6ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-14855', + title: 'CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.', + severity: 'Medium', + published: '2020-03-20', + updated: '2020-03-24', + state: 'Unfixed', + cwe_reference: 'CWE-327', + bugzilla_references: ['https://dev.gnupg.org/T4755'], + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855', + 'https://dev.gnupg.org/T4755', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html', + 'https://rwc.iacr.org/2020/slides/Leurent.pdf', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-14855', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855', + 'https://eprint.iacr.org/2020/014.pdf', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-5011 affects uuid-runtime', + id: '23504', + firedtimes: 395, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'complete', + }, + base_score: '4.700000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2016-5011', + title: 'CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.', + severity: 'Medium', + published: '2017-04-11', + updated: '2017-04-17', + state: 'Unfixed', + cwe_reference: 'CWE-399', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1349536', + ], + references: [ + 'http://rhn.redhat.com/errata/RHSA-2016-2605.html', + 'http://www.openwall.com/lists/oss-security/2016/07/11/2', + 'http://www.securityfocus.com/bid/91683', + 'http://www.securitytracker.com/id/1036272', + 'http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543', + 'http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801', + 'https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-5011', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2015-5191 affects open-vm-tools', + id: '23504', + firedtimes: 396, + }, + data: { + vulnerability: { + package: { + name: 'open-vm-tools', + version: '2:10.2.0-3~ubuntu0.16.04.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.700000', + }, + }, + cve: 'CVE-2015-5191', + title: 'CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H', + severity: 'Medium', + published: '2017-07-28', + updated: '2017-08-08', + state: 'Unfixed', + cwe_reference: 'CWE-362', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633', + ], + references: [ + 'http://www.securityfocus.com/bid/100011', + 'http://www.securitytracker.com/id/1039013', + 'https://www.vmware.com/security/advisories/VMSA-2017-0013.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-5191', + 'http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-8975 affects netpbm', + id: '23504', + firedtimes: 397, + }, + data: { + vulnerability: { + package: { + name: 'netpbm', + source: 'netpbm-free', + version: '2:10.0-15.3', + architecture: 'amd64', + condition: 'Package less or equal than 10.81.03', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2018-8975', + title: + 'The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.', + severity: 'Medium', + published: '2018-03-25', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-125', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html', + 'https://github.com/xiaoqx/pocs/blob/master/netpbm', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8975', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-19232 affects sudo', + id: '23504', + firedtimes: 398, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.16-0ubuntu1.9', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-19232', + title: 'CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + '** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.', + severity: 'Medium', + published: '2019-12-19', + updated: '2020-01-30', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225', + ], + references: [ + 'http://seclists.org/fulldisclosure/2020/Mar/31', + 'https://access.redhat.com/security/cve/cve-2019-19232', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870', + 'https://security.netapp.com/advisory/ntap-20200103-0004/', + 'https://support.apple.com/en-gb/HT211100', + 'https://support.apple.com/kb/HT211100', + 'https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232', + 'https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506', + 'https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html', + 'https://www.oracle.com/security-alerts/bulletinapr2020.html', + 'https://www.sudo.ws/devel.html#1.8.30b2', + 'https://www.sudo.ws/stable.html', + 'https://www.tenable.com/plugins/nessus/133936', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19232', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-12588 affects rsyslog', + id: '23506', + firedtimes: 64, + }, + data: { + vulnerability: { + package: { + name: 'rsyslog', + version: '8.16.0-1ubuntu3.1', + architecture: 'amd64', + condition: 'Package less or equal than 8.27.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-12588', + title: + 'The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.', + severity: 'Critical', + published: '2017-08-06', + updated: '2017-08-14', + state: 'Fixed', + cwe_reference: 'CWE-134', + references: [ + 'https://github.com/rsyslog/rsyslog/blob/master/ChangeLog', + 'https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b', + 'https://github.com/rsyslog/rsyslog/pull/1565', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-12588', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-18342 affects python3-yaml', + id: '23506', + firedtimes: 65, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.11-3build1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-18342', + title: 'CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + "In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.", + severity: 'Critical', + published: '2018-06-27', + updated: '2019-06-24', + state: 'Unfixed', + cwe_reference: 'CWE-20', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878', + ], + references: [ + 'https://github.com/marshmallow-code/apispec/issues/278', + 'https://github.com/yaml/pyyaml/blob/master/CHANGES', + 'https://github.com/yaml/pyyaml/issues/193', + 'https://github.com/yaml/pyyaml/pull/74', + 'https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/', + 'https://security.gentoo.org/glsa/202003-45', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18342', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15994 affects rsync', + id: '23506', + firedtimes: 66, + }, + data: { + vulnerability: { + package: { + name: 'rsync', + version: '3.1.1-3ubuntu1.3', + architecture: 'amd64', + condition: 'Package less or equal than 3.1.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15994', + title: + 'rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.', + severity: 'Critical', + published: '2017-10-29', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-354', + references: [ + 'https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3', + 'https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55', + 'https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15994', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2019-9169 affects libc6', + id: '23506', + firedtimes: 68, + }, + data: { + vulnerability: { + package: { + name: 'libc6', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2019-9169', + title: 'CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.', + severity: 'Critical', + published: '2019-02-26', + updated: '2019-04-16', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + ], + references: [ + 'http://www.securityfocus.com/bid/107160', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://kc.mcafee.com/corporate/index?page=content&id=SB10278', + 'https://security.netapp.com/advisory/ntap-20190315-0002/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9', + 'https://support.f5.com/csp/article/K54823184', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-9169', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15088 affects krb5-locales', + id: '23506', + firedtimes: 73, + }, + data: { + vulnerability: { + package: { + name: 'krb5-locales', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15088', + title: 'CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.', + severity: 'Critical', + published: '2017-11-23', + updated: '2019-10-09', + state: 'Unfixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + ], + references: [ + 'http://www.securityfocus.com/bid/101594', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1504045', + 'https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4', + 'https://github.com/krb5/krb5/pull/707', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15088', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2018-6485 affects libc-bin', + id: '23506', + firedtimes: 78, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.26', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2018-6485', + title: 'CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.', + severity: 'Critical', + published: '2018-02-01', + updated: '2019-12-10', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'http://bugs.debian.org/878159', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + ], + references: [ + 'http://bugs.debian.org/878159', + 'http://www.securityfocus.com/bid/102912', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://access.redhat.com/errata/RHSA-2018:3092', + 'https://security.netapp.com/advisory/ntap-20190404-0003/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + 'https://usn.ubuntu.com/4218-1/', + 'https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-6485', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485', + 'https://usn.ubuntu.com/usn/usn-4218-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7944 affects libxfixes3', + id: '23506', + firedtimes: 82, + }, + data: { + vulnerability: { + package: { + name: 'libxfixes3', + source: 'libxfixes', + version: '1:5.0.1-2', + architecture: 'amd64', + condition: 'Package less or equal than 5.0.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7944', + title: 'CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93361', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7944', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7947 affects libxrandr2', + id: '23506', + firedtimes: 83, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7947', + title: 'CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93365', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7947', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7948 affects libxrandr2', + id: '23506', + firedtimes: 84, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7948', + title: 'CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93373', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7948', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, ]; diff --git a/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js b/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js index 1b36a497a7..e894e8ece5 100644 --- a/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js +++ b/scripts/wazuh-alerts-generator/lib/modules/vulnerabilities.js @@ -1,67 +1,4003 @@ // Vulnerability module.exports.data = [ - {"rule":{"level":7,"description":"CVE-2017-18018 affects coreutils","id":"23504","firedtimes":1},"data":{"vulnerability":{"package":{"name":"coreutils","version":"8.28-1ubuntu1","architecture":"amd64","condition":"Package less or equal than 8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"high","availability":"none"},"base_score":"4.700000"}},"cve":"CVE-2017-18018","title":"CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.","severity":"Medium","published":"2018-01-04","updated":"2018-01-19","state":"Fixed","cwe_reference":"CWE-362","references":["http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2017-18018","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html","http://www.openwall.com/lists/oss-security/2018/01/04/3","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html","https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects imagemagick","id":"23504","firedtimes":2},"data":{"vulnerability":{"package":{"name":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17540 affects libmagickcore-6.q16-3","id":"23504","firedtimes":5},"data":{"vulnerability":{"package":{"name":"libmagickcore-6.q16-3","source":"imagemagick","version":"8:6.9.7.4+dfsg-16ubuntu6.8","architecture":"amd64","condition":"Package less than 7.0.8-54"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17540","title":"ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.","severity":"Medium","published":"2019-10-14","updated":"2019-10-23","state":"Fixed","cwe_reference":"CWE-120","references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578","https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54","https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D","https://security-tracker.debian.org/tracker/CVE-2019-17540","https://nvd.nist.gov/vuln/detail/CVE-2019-17540"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-1000035 affects unzip","id":"23505","firedtimes":1},"data":{"vulnerability":{"package":{"name":"unzip","version":"6.0-21ubuntu1","architecture":"amd64","condition":"Package less or equal than 6.00"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-1000035","title":"CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.","severity":"High","published":"2018-02-09","updated":"2020-01-29","state":"Fixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"],"references":["https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html","https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html","https://security.gentoo.org/glsa/202003-58","https://nvd.nist.gov/vuln/detail/CVE-2018-1000035","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-1747 affects python3-yaml","id":"23505","firedtimes":44},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.12-1build2","architecture":"amd64","condition":"Package less than 5.3.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"10"}},"cve":"CVE-2020-1747","title":"A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.","severity":"High","published":"2020-03-24","updated":"2020-05-11","state":"Fixed","cwe_reference":"CWE-20","references":["http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747","https://github.com/yaml/pyyaml/pull/386","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/","https://nvd.nist.gov/vuln/detail/CVE-2020-1747"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-18684 affects sudo","id":"23504","firedtimes":87},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.21p2-3ubuntu1.2","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"6.900000"}},"cve":"CVE-2019-18684","title":"** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write \"ALL ALL=(ALL) NOPASSWD:ALL\" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.","severity":"Medium","published":"2019-11-04","updated":"2019-11-08","state":"Fixed","cwe_reference":"CWE-362","references":["https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd","https://nvd.nist.gov/vuln/detail/CVE-2019-18684"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20482 affects tar","id":"23504","firedtimes":88},"data":{"vulnerability":{"package":{"name":"tar","version":"1.29b-2ubuntu0.1","architecture":"amd64","condition":"Package less or equal than 1.30"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.700000"}},"cve":"CVE-2018-20482","title":"CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-835","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377","https://bugzilla.redhat.com/show_bug.cgi?id=1662346"],"references":["http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454","http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html","http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html","http://www.securityfocus.com/bid/106354","https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html","https://news.ycombinator.com/item?id=18745431","https://security.gentoo.org/glsa/201903-05","https://twitter.com/thatcks/status/1076166645708668928","https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug","https://nvd.nist.gov/vuln/detail/CVE-2018-20482","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2015-2987 affects ed","id":"23503","firedtimes":9},"data":{"vulnerability":{"package":{"name":"ed","version":"1.10-2.1","architecture":"amd64","condition":"Package less or equal than 3.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.600000"}},"cve":"CVE-2015-2987","title":"Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.","severity":"Low","published":"2015-08-28","updated":"2015-08-31","state":"Fixed","cwe_reference":"CWE-17","references":["http://jvn.jp/en/jp/JVN91474878/index.html","http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119","http://type74.org/edman5-1.php","http://type74org.blog14.fc2.com/blog-entry-1384.html","https://nvd.nist.gov/vuln/detail/CVE-2015-2987"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-8769 affects elfutils","id":"23505","firedtimes":45},"data":{"vulnerability":{"package":{"name":"elfutils","version":"0.170-0.4ubuntu0.1","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-8769","title":"elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.","severity":"High","published":"2018-03-18","updated":"2019-10-03","state":"Pending confirmation","cwe_reference":"CWE-125","references":["https://sourceware.org/bugzilla/show_bug.cgi?id=22976","https://nvd.nist.gov/vuln/detail/CVE-2018-8769"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1552 affects openssl","id":"23503","firedtimes":11},"data":{"vulnerability":{"package":{"name":"openssl","version":"1.1.1-1ubuntu2.1~18.04.6","architecture":"amd64","condition":"Package greater or equal than 1.1.1 and less or equal than 1.1.1c"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"1.900000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"3.300000"}},"cve":"CVE-2019-1552","title":"OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-07-30","updated":"2019-08-23","state":"Fixed","cwe_reference":"CWE-295","references":["https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/","https://security.netapp.com/advisory/ntap-20190823-0006/","https://support.f5.com/csp/article/K94041354","https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS","https://www.openssl.org/news/secadv/20190730.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1552"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects libc-bin","id":"23503","firedtimes":12},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-1752 affects multiarch-support","id":"23503","firedtimes":17},"data":{"vulnerability":{"package":{"name":"multiarch-support","source":"glibc","version":"2.27-3ubuntu1","architecture":"amd64","condition":"Package less than 2.32.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"}},"cve":"CVE-2020-1752","title":"CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.","rationale":"A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.","severity":"Low","published":"2020-04-30","updated":"2020-05-18","state":"Fixed","cwe_reference":"CWE-416","references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752","https://security.netapp.com/advisory/ntap-20200511-0005/","https://sourceware.org/bugzilla/show_bug.cgi?id=25414","https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c","https://nvd.nist.gov/vuln/detail/CVE-2020-1752","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752","https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects libsqlite3-0","id":"23503","firedtimes":18},"data":{"vulnerability":{"package":{"name":"libsqlite3-0","source":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-19645 affects sqlite3","id":"23503","firedtimes":19},"data":{"vulnerability":{"package":{"name":"sqlite3","version":"3.22.0-1ubuntu0.3","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"2.100000"}},"cve":"CVE-2019-19645","title":"CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.","severity":"Low","published":"2019-12-09","updated":"2019-12-23","state":"Unfixed","cwe_reference":"CWE-674","references":["https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06","https://security.netapp.com/advisory/ntap-20191223-0001/","https://www.oracle.com/security-alerts/cpuapr2020.html","https://nvd.nist.gov/vuln/detail/CVE-2019-19645","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects passwd","id":"23503","firedtimes":21},"data":{"vulnerability":{"package":{"name":"passwd","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2013-4235 affects login","id":"23503","firedtimes":20},"data":{"vulnerability":{"package":{"name":"login","source":"shadow","version":"1:4.5-1ubuntu2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"partial"},"base_score":"3.300000"}},"cve":"CVE-2013-4235","title":"CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees","severity":"Low","published":"2019-12-03","updated":"2019-12-13","state":"Unfixed","cwe_reference":"CWE-367","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950","https://bugzilla.redhat.com/show_bug.cgi?id=884658"],"references":["https://access.redhat.com/security/cve/cve-2013-4235","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235","https://security-tracker.debian.org/tracker/CVE-2013-4235","https://nvd.nist.gov/vuln/detail/CVE-2013-4235","http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1003010 affects git","id":"23504","firedtimes":162},"data":{"vulnerability":{"package":{"name":"git","version":"1:2.17.1-1ubuntu0.7","architecture":"amd64","condition":"Package less or equal than 3.9.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"4.300000"}},"cve":"CVE-2019-1003010","title":"A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.","severity":"Medium","published":"2019-02-06","updated":"2019-04-26","state":"Fixed","cwe_reference":"CWE-352","references":["https://access.redhat.com/errata/RHBA-2019:0326","https://access.redhat.com/errata/RHBA-2019:0327","https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095","https://nvd.nist.gov/vuln/detail/CVE-2019-1003010"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2020-9366 affects screen","id":"23505","firedtimes":77},"data":{"vulnerability":{"package":{"name":"screen","version":"4.6.2-1ubuntu1","architecture":"amd64","condition":"Package less than 4.8.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2020-9366","title":"A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.","severity":"High","published":"2020-02-24","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-120","references":["http://www.openwall.com/lists/oss-security/2020/02/25/1","https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html","https://security.gentoo.org/glsa/202003-62","https://www.openwall.com/lists/oss-security/2020/02/06/3","https://nvd.nist.gov/vuln/detail/CVE-2020-9366"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-15847 affects gcc","id":"23505","firedtimes":86},"data":{"vulnerability":{"package":{"name":"gcc","source":"gcc-defaults","version":"4:7.4.0-1ubuntu2.3","architecture":"amd64","condition":"Package less than 10.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"7.500000"}},"cve":"CVE-2019-15847","title":"CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.","severity":"High","published":"2019-09-02","updated":"2020-05-26","state":"Fixed","cwe_reference":"CWE-331","bugzilla_references":["https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html","http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html","https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481","https://nvd.nist.gov/vuln/detail/CVE-2019-15847","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-14988 affects libopenexr22","id":"23504","firedtimes":189},"data":{"vulnerability":{"package":{"name":"libopenexr22","source":"openexr","version":"2.2.0-11.1ubuntu1.2","architecture":"amd64","condition":"Package matches a vulnerable version"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-14988","title":"** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.","severity":"Medium","published":"2017-10-03","updated":"2019-09-23","state":"Pending confirmation","cwe_reference":"CWE-400","references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html","https://github.com/openexr/openexr/issues/248","https://nvd.nist.gov/vuln/detail/CVE-2017-14988"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2","id":"23504","firedtimes":190},"data":{"vulnerability":{"package":{"name":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-bin","id":"23504","firedtimes":191},"data":{"vulnerability":{"package":{"name":"apache2-bin","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-data","id":"23504","firedtimes":192},"data":{"vulnerability":{"package":{"name":"apache2-data","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2020-1927 affects apache2-utils","id":"23504","firedtimes":193},"data":{"vulnerability":{"package":{"name":"apache2-utils","source":"apache2","version":"2.4.29-1ubuntu4.13","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"none"},"base_score":"5.800000"}},"cve":"CVE-2020-1927","title":"CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.","severity":"Medium","published":"2020-04-02","updated":"2020-04-03","state":"Unfixed","cwe_reference":"CWE-601","references":["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html","http://www.openwall.com/lists/oss-security/2020/04/03/1","http://www.openwall.com/lists/oss-security/2020/04/04/1","https://httpd.apache.org/security/vulnerabilities_24.html","https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E","https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E","https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E","https://security.netapp.com/advisory/ntap-20200413-0002/","https://nvd.nist.gov/vuln/detail/CVE-2020-1927","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927","https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-client","id":"23504","firedtimes":197},"data":{"vulnerability":{"package":{"name":"openssh-client","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-15919 affects openssh-server","id":"23504","firedtimes":198},"data":{"vulnerability":{"package":{"name":"openssh-server","source":"openssh","version":"1:7.6p1-4ubuntu0.3","architecture":"amd64","condition":"Package greater or equal than 5.9 and less or equal than 7.8"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"low","integrity_impact":"none","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2018-15919","title":"CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.","rationale":"Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or \"oracle\") as a vulnerability.'","severity":"Medium","published":"2018-08-28","updated":"2019-03-07","state":"Fixed","cwe_reference":"CWE-200","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503","https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919"],"references":["http://seclists.org/oss-sec/2018/q3/180","http://www.securityfocus.com/bid/105163","https://security.netapp.com/advisory/ntap-20181221-0001/","https://nvd.nist.gov/vuln/detail/CVE-2018-15919","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html","http://www.openwall.com/lists/oss-security/2018/08/27/2","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17595 affects ncurses-base","id":"23504","firedtimes":222},"data":{"vulnerability":{"package":{"name":"ncurses-base","source":"ncurses","version":"6.1-1ubuntu1.18.04","architecture":"all","condition":"Package less than 6.1.20191012"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"partial"},"base_score":"5.800000"}},"cve":"CVE-2019-17595","title":"CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.","rationale":"There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.","severity":"Medium","published":"2019-10-14","updated":"2019-12-23","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html","http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html","https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html","https://nvd.nist.gov/vuln/detail/CVE-2019-17595","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-17543 affects liblz4-1","id":"23504","firedtimes":244},"data":{"vulnerability":{"package":{"name":"liblz4-1","source":"lz4","version":"0.0~r131-2ubuntu2","architecture":"amd64","condition":"Package less than 1.9.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"6.800000"}},"cve":"CVE-2019-17543","title":"CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states \"only a few specific / uncommon usages of the API are at risk.\"","severity":"Medium","published":"2019-10-14","updated":"2019-10-24","state":"Fixed","cwe_reference":"CWE-120","bugzilla_references":["https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html","https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941","https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2","https://github.com/lz4/lz4/issues/801","https://github.com/lz4/lz4/pull/756","https://github.com/lz4/lz4/pull/760","https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E","https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E","https://nvd.nist.gov/vuln/detail/CVE-2019-17543","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-20217 affects libkrb5-3","id":"23504","firedtimes":254},"data":{"vulnerability":{"package":{"name":"libkrb5-3","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"single","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"3.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"high","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.300000"}},"cve":"CVE-2018-20217","title":"CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.","severity":"Medium","published":"2018-12-26","updated":"2019-10-03","state":"Unfixed","cwe_reference":"CWE-617","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387","http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763"],"references":["http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763","https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086","https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/","https://security.netapp.com/advisory/ntap-20190416-0006/","https://nvd.nist.gov/vuln/detail/CVE-2018-20217","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-14036 affects accountsservice","id":"23504","firedtimes":256},"data":{"vulnerability":{"package":{"name":"accountsservice","version":"0.6.40-2ubuntu11.3","architecture":"amd64","condition":"Package less than 0.6.50"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"single","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"4"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"none","availability":"none"},"base_score":"6.500000"}},"cve":"CVE-2018-14036","title":"CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.","severity":"Medium","published":"2018-07-13","updated":"2018-09-06","state":"Fixed","cwe_reference":"CWE-22","bugzilla_references":["https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699"],"references":["http://www.openwall.com/lists/oss-security/2018/07/02/2","http://www.securityfocus.com/bid/104757","https://bugs.freedesktop.org/show_bug.cgi?id=107085","https://bugzilla.suse.com/show_bug.cgi?id=1099699","https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a","https://nvd.nist.gov/vuln/detail/CVE-2018-14036","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-7244 affects libpcre3","id":"23504","firedtimes":265},"data":{"vulnerability":{"package":{"name":"libpcre3","source":"pcre3","version":"2:8.38-3.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2017-7244","title":"CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.","severity":"Medium","published":"2017-03-23","updated":"2018-08-17","state":"Unfixed","cwe_reference":"CWE-125","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683","https://bugs.exim.org/show_bug.cgi?id=2052","https://bugs.exim.org/show_bug.cgi?id=2054"],"references":["http://www.securityfocus.com/bid/97067","https://access.redhat.com/errata/RHSA-2018:2486","https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/","https://security.gentoo.org/glsa/201710-25","https://nvd.nist.gov/vuln/detail/CVE-2017-7244","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2020-8631 affects grub-legacy-ec2","id":"23503","firedtimes":32},"data":{"vulnerability":{"package":{"name":"grub-legacy-ec2","source":"cloud-init","version":"19.4-33-gbb4131a2-0ubuntu1~16.04.1","architecture":"all","condition":"Package less or equal than 19.4"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"}},"cve":"CVE-2020-8631","title":"CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.","severity":"Low","published":"2020-02-05","updated":"2020-02-21","state":"Fixed","cwe_reference":"CWE-330","references":["http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html","https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795","https://github.com/canonical/cloud-init/pull/204","https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html","https://nvd.nist.gov/vuln/detail/CVE-2020-8631","http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-20079 affects vim","id":"23505","firedtimes":109},"data":{"vulnerability":{"package":{"name":"vim","version":"2:7.4.1689-3ubuntu1.4","architecture":"amd64","condition":"Package less than 8.1.2136"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"}},"cve":"CVE-2019-20079","title":"The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.","severity":"High","published":"2019-12-30","updated":"2020-03-30","state":"Fixed","cwe_reference":"CWE-416","references":["https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421","https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136","https://packetstormsecurity.com/files/154898","https://usn.ubuntu.com/4309-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-20079"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-4484 affects cryptsetup","id":"23504","firedtimes":290},"data":{"vulnerability":{"package":{"name":"cryptsetup","version":"2:1.6.6-5ubuntu2.1","architecture":"amd64","condition":"Package less or equal than 2.1.7.3-2"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.800000"}},"cve":"CVE-2016-4484","title":"CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.","severity":"Medium","published":"2017-01-23","updated":"2017-01-26","state":"Fixed","cwe_reference":"CWE-287","bugzilla_references":["https://launchpad.net/bugs/1660701"],"references":["http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html","http://www.openwall.com/lists/oss-security/2016/11/14/13","http://www.openwall.com/lists/oss-security/2016/11/15/1","http://www.openwall.com/lists/oss-security/2016/11/15/4","http://www.openwall.com/lists/oss-security/2016/11/16/6","http://www.securityfocus.com/bid/94315","https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb","https://nvd.nist.gov/vuln/detail/CVE-2016-4484","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-13050 affects gnupg","id":"23505","firedtimes":114},"data":{"vulnerability":{"package":{"name":"gnupg","version":"1.4.20-1ubuntu3.3","architecture":"amd64","condition":"Package less or equal than 2.2.16"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"7.500000"}},"cve":"CVE-2019-13050","title":"CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.","severity":"High","published":"2019-06-29","updated":"2019-07-09","state":"Fixed","cwe_reference":"CWE-297","bugzilla_references":["https://bugs.launchpad.net/bugs/1844059","https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050","https://dev.gnupg.org/T4591","https://dev.gnupg.org/T4607","https://dev.gnupg.org/T4628"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html","https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/","https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html","https://support.f5.com/csp/article/K08654551","https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS","https://twitter.com/lambdafu/status/1147162583969009664","https://nvd.nist.gov/vuln/detail/CVE-2019-13050","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects mount","id":"23505","firedtimes":128},"data":{"vulnerability":{"package":{"name":"mount","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects util-linux","id":"23505","firedtimes":129},"data":{"vulnerability":{"package":{"name":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-7738 affects uuid-runtime","id":"23505","firedtimes":130},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package less or equal than 2.31"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-7738","title":"CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.","severity":"High","published":"2018-03-07","updated":"2019-10-03","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179","https://github.com/karelzak/util-linux/issues/539"],"references":["http://www.securityfocus.com/bid/103367","https://bugs.debian.org/892179","https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55","https://github.com/karelzak/util-linux/issues/539","https://www.debian.org/security/2018/dsa-4134","https://nvd.nist.gov/vuln/detail/CVE-2018-7738","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":5,"description":"CVE-2019-1547 affects libssl1.0.0","id":"23503","firedtimes":35},"data":{"vulnerability":{"package":{"name":"libssl1.0.0","source":"openssl","version":"1.0.2g-1ubuntu4.15","architecture":"amd64","condition":"Package greater or equal than 1.0.2 and less or equal than 1.0.2s"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"1.900000"}},"cve":"CVE-2019-1547","title":"CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).","severity":"Low","published":"2019-09-10","updated":"2019-09-12","state":"Fixed","cwe_reference":"CWE-311","references":["http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html","http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html","http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html","https://arxiv.org/abs/1909.01785","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8","https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a","https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/","https://seclists.org/bugtraq/2019/Oct/0","https://seclists.org/bugtraq/2019/Oct/1","https://seclists.org/bugtraq/2019/Sep/25","https://security.gentoo.org/glsa/201911-04","https://security.netapp.com/advisory/ntap-20190919-0002/","https://security.netapp.com/advisory/ntap-20200122-0002/","https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS","https://www.debian.org/security/2019/dsa-4539","https://www.debian.org/security/2019/dsa-4540","https://www.openssl.org/news/secadv/20190910.txt","https://www.oracle.com/security-alerts/cpuapr2020.html","https://www.oracle.com/security-alerts/cpujan2020.html","https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html","https://www.tenable.com/security/tns-2019-08","https://www.tenable.com/security/tns-2019-09","https://nvd.nist.gov/vuln/detail/CVE-2019-1547","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547","https://usn.ubuntu.com/usn/usn-4376-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-3843 affects systemd","id":"23505","firedtimes":134},"data":{"vulnerability":{"package":{"name":"systemd","version":"229-4ubuntu21.27","architecture":"amd64","condition":"Package less than 242"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"4.600000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2019-3843","title":"It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.","severity":"High","published":"2019-04-26","updated":"2019-06-19","state":"Fixed","cwe_reference":"CWE-264","references":["http://www.securityfocus.com/bid/108116","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/","https://security.netapp.com/advisory/ntap-20190619-0002/","https://usn.ubuntu.com/4269-1/","https://nvd.nist.gov/vuln/detail/CVE-2019-3843"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-11727 affects thunderbird","id":"23504","firedtimes":312},"data":{"vulnerability":{"package":{"name":"thunderbird","version":"1:68.8.0+build2-0ubuntu0.16.04.2","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"low","availability":"none"},"base_score":"5.300000"}},"cve":"CVE-2019-11727","title":"CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.","severity":"Medium","published":"2019-07-23","updated":"2019-07-30","state":"Unfixed","cwe_reference":"CWE-295","bugzilla_references":["https://bugzilla.mozilla.org/show_bug.cgi?id=1552208"],"references":["http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html","http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html","http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html","https://access.redhat.com/errata/RHSA-2019:1951","https://bugzilla.mozilla.org/show_bug.cgi?id=1552208","https://security.gentoo.org/glsa/201908-12","https://www.mozilla.org/security/advisories/mfsa2019-21/","https://nvd.nist.gov/vuln/detail/CVE-2019-11727","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727","https://usn.ubuntu.com/usn/usn-4054-1","https://usn.ubuntu.com/usn/usn-4060-1","https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2019-18276 affects bash","id":"23505","firedtimes":158},"data":{"vulnerability":{"package":{"name":"bash","version":"4.3-14ubuntu1.4","architecture":"amd64","condition":"Package less or equal than 5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"complete","integrity_impact":"complete","availability":"complete"},"base_score":"7.200000"}},"cve":"CVE-2019-18276","title":"CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support \"saved UID\" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use \"enable -f\" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.","severity":"High","published":"2019-11-28","updated":"2020-04-30","state":"Fixed","cwe_reference":"CWE-273","bugzilla_references":["https://bugzilla.suse.com/show_bug.cgi?id=1158028"],"references":["http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html","https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff","https://security.netapp.com/advisory/ntap-20200430-0003/","https://www.youtube.com/watch?v=-wGtxJ8opa8","https://nvd.nist.gov/vuln/detail/CVE-2019-18276","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2017-9502 affects curl","id":"23504","firedtimes":334},"data":{"vulnerability":{"package":{"name":"curl","version":"7.47.0-1ubuntu2.14","architecture":"amd64","condition":"Package less or equal than 7.54.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"5"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"low"},"base_score":"5.300000"}},"cve":"CVE-2017-9502","title":"In curl before 7.54.1 on Windows and DOS, libcurl's default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given \"URL\" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string \"file://\").","severity":"Medium","published":"2017-06-14","updated":"2017-07-08","state":"Fixed","cwe_reference":"CWE-119","references":["http://openwall.com/lists/oss-security/2017/06/14/1","http://www.securityfocus.com/bid/99120","http://www.securitytracker.com/id/1038697","https://curl.haxx.se/docs/adv_20170614.html","https://nvd.nist.gov/vuln/detail/CVE-2017-9502"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":10,"description":"CVE-2018-20483 affects wget","id":"23505","firedtimes":175},"data":{"vulnerability":{"package":{"name":"wget","version":"1.17.1-1ubuntu1.5","architecture":"amd64","condition":"Package less than 1.20.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"2.100000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"low","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"7.800000"}},"cve":"CVE-2018-20483","title":"set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.","severity":"High","published":"2018-12-26","updated":"2019-04-09","state":"Fixed","cwe_reference":"CWE-255","references":["http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS","http://www.securityfocus.com/bid/106358","https://access.redhat.com/errata/RHSA-2019:3701","https://security.gentoo.org/glsa/201903-08","https://security.netapp.com/advisory/ntap-20190321-0002/","https://twitter.com/marcan42/status/1077676739877232640","https://usn.ubuntu.com/3943-1/","https://nvd.nist.gov/vuln/detail/CVE-2018-20483"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-1010204 affects binutils","id":"23504","firedtimes":369},"data":{"vulnerability":{"package":{"name":"binutils","version":"2.26.1-1ubuntu1~16.04.8","architecture":"amd64","condition":"Package greater or equal than 2.21 and less or equal than 2.31.1"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2019-1010204","title":"CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.","severity":"Medium","published":"2019-07-23","updated":"2019-08-22","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://sourceware.org/bugzilla/show_bug.cgi?id=23765"],"references":["https://security.netapp.com/advisory/ntap-20190822-0001/","https://sourceware.org/bugzilla/show_bug.cgi?id=23765","https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS","https://nvd.nist.gov/vuln/detail/CVE-2019-1010204","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-14855 affects dirmngr","id":"23504","firedtimes":382},"data":{"vulnerability":{"package":{"name":"dirmngr","source":"gnupg2","version":"2.1.11-6ubuntu2.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"none","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-14855","title":"CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.","severity":"Medium","published":"2020-03-20","updated":"2020-03-24","state":"Unfixed","cwe_reference":"CWE-327","bugzilla_references":["https://dev.gnupg.org/T4755"],"references":["https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855","https://dev.gnupg.org/T4755","https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html","https://rwc.iacr.org/2020/slides/Leurent.pdf","https://nvd.nist.gov/vuln/detail/CVE-2019-14855","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855","https://eprint.iacr.org/2020/014.pdf"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2016-5011 affects uuid-runtime","id":"23504","firedtimes":395},"data":{"vulnerability":{"package":{"name":"uuid-runtime","source":"util-linux","version":"2.27.1-6ubuntu3.10","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"complete"},"base_score":"4.700000"},"cvss3":{"vector":{"attack_vector":"physical","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"4.300000"}},"cve":"CVE-2016-5011","title":"CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.","severity":"Medium","published":"2017-04-11","updated":"2017-04-17","state":"Unfixed","cwe_reference":"CWE-399","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802","https://bugzilla.redhat.com/show_bug.cgi?id=1349536"],"references":["http://rhn.redhat.com/errata/RHSA-2016-2605.html","http://www.openwall.com/lists/oss-security/2016/07/11/2","http://www.securityfocus.com/bid/91683","http://www.securitytracker.com/id/1036272","http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543","http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801","https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3","https://nvd.nist.gov/vuln/detail/CVE-2016-5011","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2015-5191 affects open-vm-tools","id":"23504","firedtimes":396},"data":{"vulnerability":{"package":{"name":"open-vm-tools","version":"2:10.2.0-3~ubuntu0.16.04.1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"local","access_complexity":"high","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"3.700000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"high","privileges_required":"low","user_interaction":"required","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"6.700000"}},"cve":"CVE-2015-5191","title":"CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","severity":"Medium","published":"2017-07-28","updated":"2017-08-08","state":"Unfixed","cwe_reference":"CWE-362","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633"],"references":["http://www.securityfocus.com/bid/100011","http://www.securitytracker.com/id/1039013","https://www.vmware.com/security/advisories/VMSA-2017-0013.html","https://nvd.nist.gov/vuln/detail/CVE-2015-5191","http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2018-8975 affects netpbm","id":"23504","firedtimes":397},"data":{"vulnerability":{"package":{"name":"netpbm","source":"netpbm-free","version":"2:10.0-15.3","architecture":"amd64","condition":"Package less or equal than 10.81.03"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"medium","authentication":"none","confidentiality_impact":"none","integrity_impact":"none","availability":"partial"},"base_score":"4.300000"},"cvss3":{"vector":{"attack_vector":"local","access_complexity":"low","privileges_required":"none","user_interaction":"required","scope":"unchanged","confidentiality_impact":"none","integrity_impact":"none","availability":"high"},"base_score":"5.500000"}},"cve":"CVE-2018-8975","title":"The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.","severity":"Medium","published":"2018-03-25","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-125","references":["http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html","https://github.com/xiaoqx/pocs/blob/master/netpbm","https://nvd.nist.gov/vuln/detail/CVE-2018-8975"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":7,"description":"CVE-2019-19232 affects sudo","id":"23504","firedtimes":398},"data":{"vulnerability":{"package":{"name":"sudo","version":"1.8.16-0ubuntu1.9","architecture":"amd64","condition":"Package less or equal than 1.8.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"none","integrity_impact":"partial","availability":"none"},"base_score":"5"}},"cve":"CVE-2019-19232","title":"CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.","severity":"Medium","published":"2019-12-19","updated":"2020-01-30","state":"Fixed","cwe_reference":"NVD-CWE-noinfo","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225"],"references":["http://seclists.org/fulldisclosure/2020/Mar/31","https://access.redhat.com/security/cve/cve-2019-19232","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979","https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870","https://security.netapp.com/advisory/ntap-20200103-0004/","https://support.apple.com/en-gb/HT211100","https://support.apple.com/kb/HT211100","https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232","https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506","https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html","https://www.oracle.com/security-alerts/bulletinapr2020.html","https://www.sudo.ws/devel.html#1.8.30b2","https://www.sudo.ws/stable.html","https://www.tenable.com/plugins/nessus/133936","https://nvd.nist.gov/vuln/detail/CVE-2019-19232","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-12588 affects rsyslog","id":"23506","firedtimes":64},"data":{"vulnerability":{"package":{"name":"rsyslog","version":"8.16.0-1ubuntu3.1","architecture":"amd64","condition":"Package less or equal than 8.27.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-12588","title":"The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.","severity":"Critical","published":"2017-08-06","updated":"2017-08-14","state":"Fixed","cwe_reference":"CWE-134","references":["https://github.com/rsyslog/rsyslog/blob/master/ChangeLog","https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b","https://github.com/rsyslog/rsyslog/pull/1565","https://nvd.nist.gov/vuln/detail/CVE-2017-12588"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-18342 affects python3-yaml","id":"23506","firedtimes":65},"data":{"vulnerability":{"package":{"name":"python3-yaml","source":"pyyaml","version":"3.11-3build1","architecture":"amd64","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-18342","title":"CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.","severity":"Critical","published":"2018-06-27","updated":"2019-06-24","state":"Unfixed","cwe_reference":"CWE-20","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878"],"references":["https://github.com/marshmallow-code/apispec/issues/278","https://github.com/yaml/pyyaml/blob/master/CHANGES","https://github.com/yaml/pyyaml/issues/193","https://github.com/yaml/pyyaml/pull/74","https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/","https://security.gentoo.org/glsa/202003-45","https://nvd.nist.gov/vuln/detail/CVE-2017-18342","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15994 affects rsync","id":"23506","firedtimes":66},"data":{"vulnerability":{"package":{"name":"rsync","version":"3.1.1-3ubuntu1.3","architecture":"amd64","condition":"Package less or equal than 3.1.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15994","title":"rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.","severity":"Critical","published":"2017-10-29","updated":"2019-10-03","state":"Fixed","cwe_reference":"CWE-354","references":["https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3","https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55","https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b","https://nvd.nist.gov/vuln/detail/CVE-2017-15994"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2019-9169 affects libc6","id":"23506","firedtimes":68},"data":{"vulnerability":{"package":{"name":"libc6","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.29"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2019-9169","title":"CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.","severity":"Critical","published":"2019-02-26","updated":"2019-04-16","state":"Fixed","cwe_reference":"CWE-125","bugzilla_references":["https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://sourceware.org/bugzilla/show_bug.cgi?id=24114"],"references":["http://www.securityfocus.com/bid/107160","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140","https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142","https://kc.mcafee.com/corporate/index?page=content&id=SB10278","https://security.netapp.com/advisory/ntap-20190315-0002/","https://sourceware.org/bugzilla/show_bug.cgi?id=24114","https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9","https://support.f5.com/csp/article/K54823184","https://nvd.nist.gov/vuln/detail/CVE-2019-9169","http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2017-15088 affects krb5-locales","id":"23506","firedtimes":73},"data":{"vulnerability":{"package":{"name":"krb5-locales","source":"krb5","version":"1.13.2+dfsg-5ubuntu2.1","architecture":"all","condition":"Package unfixed"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2017-15088","title":"CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.","rationale":"plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.","severity":"Critical","published":"2017-11-23","updated":"2019-10-09","state":"Unfixed","cwe_reference":"CWE-119","bugzilla_references":["http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698"],"references":["http://www.securityfocus.com/bid/101594","https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698","https://bugzilla.redhat.com/show_bug.cgi?id=1504045","https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4","https://github.com/krb5/krb5/pull/707","https://nvd.nist.gov/vuln/detail/CVE-2017-15088","http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2018-6485 affects libc-bin","id":"23506","firedtimes":78},"data":{"vulnerability":{"package":{"name":"libc-bin","source":"glibc","version":"2.23-0ubuntu11","architecture":"amd64","condition":"Package less or equal than 2.26"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2018-6485","title":"CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.","rationale":"An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.","severity":"Critical","published":"2018-02-01","updated":"2019-12-10","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["http://bugs.debian.org/878159","https://sourceware.org/bugzilla/show_bug.cgi?id=22343"],"references":["http://bugs.debian.org/878159","http://www.securityfocus.com/bid/102912","https://access.redhat.com/errata/RHBA-2019:0327","https://access.redhat.com/errata/RHSA-2018:3092","https://security.netapp.com/advisory/ntap-20190404-0003/","https://sourceware.org/bugzilla/show_bug.cgi?id=22343","https://usn.ubuntu.com/4218-1/","https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","https://nvd.nist.gov/vuln/detail/CVE-2018-6485","http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485","https://usn.ubuntu.com/usn/usn-4218-1"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7944 affects libxfixes3","id":"23506","firedtimes":82},"data":{"vulnerability":{"package":{"name":"libxfixes3","source":"libxfixes","version":"1:5.0.1-2","architecture":"amd64","condition":"Package less or equal than 5.0.2"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7944","title":"CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-190","bugzilla_references":["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442"],"references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93361","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7944","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7947 affects libxrandr2","id":"23506","firedtimes":83},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7947","title":"CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93365","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7947","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, - {"rule":{"level":13,"description":"CVE-2016-7948 affects libxrandr2","id":"23506","firedtimes":84},"data":{"vulnerability":{"package":{"name":"libxrandr2","source":"libxrandr","version":"2:1.5.0-1","architecture":"amd64","condition":"Package less or equal than 1.5.0"},"cvss":{"cvss2":{"vector":{"attack_vector":"network","access_complexity":"low","authentication":"none","confidentiality_impact":"partial","integrity_impact":"partial","availability":"partial"},"base_score":"7.500000"},"cvss3":{"vector":{"attack_vector":"network","access_complexity":"low","privileges_required":"none","user_interaction":"none","scope":"unchanged","confidentiality_impact":"high","integrity_impact":"high","availability":"high"},"base_score":"9.800000"}},"cve":"CVE-2016-7948","title":"CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.","rationale":"X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.","severity":"Critical","published":"2016-12-13","updated":"2017-07-01","state":"Fixed","cwe_reference":"CWE-787","references":["http://www.openwall.com/lists/oss-security/2016/10/04/2","http://www.openwall.com/lists/oss-security/2016/10/04/4","http://www.securityfocus.com/bid/93373","http://www.securitytracker.com/id/1036945","https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/","https://lists.x.org/archives/xorg-announce/2016-October/002720.html","https://security.gentoo.org/glsa/201704-03","https://nvd.nist.gov/vuln/detail/CVE-2016-7948","http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948"],"assigner":"cve@mitre.org","cve_version":"4.0"}}}, + { + rule: { + level: 7, + description: 'CVE-2017-18018 affects coreutils', + id: '23504', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'coreutils', + version: '8.28-1ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'high', + availability: 'none', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2017-18018', + title: 'CVE-2017-18018 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.', + severity: 'Medium', + published: '2018-01-04', + updated: '2018-01-19', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18018', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18018.html', + 'http://www.openwall.com/lists/oss-security/2018/01/04/3', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html', + 'https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects imagemagick', + id: '23504', + firedtimes: 2, + }, + data: { + vulnerability: { + package: { + name: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17540 affects libmagickcore-6.q16-3', + id: '23504', + firedtimes: 5, + }, + data: { + vulnerability: { + package: { + name: 'libmagickcore-6.q16-3', + source: 'imagemagick', + version: '8:6.9.7.4+dfsg-16ubuntu6.8', + architecture: 'amd64', + condition: 'Package less than 7.0.8-54', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17540', + title: + 'ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPSInfo in coders/ps.c.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-23', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942578', + 'https://github.com/ImageMagick/ImageMagick/compare/7.0.8-53...7.0.8-54', + 'https://github.com/ImageMagick/ImageMagick/compare/master@%7B2019-07-15%7D...master@%7B2019-07-17%7D', + 'https://security-tracker.debian.org/tracker/CVE-2019-17540', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17540', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-1000035 affects unzip', + id: '23505', + firedtimes: 1, + }, + data: { + vulnerability: { + package: { + name: 'unzip', + version: '6.0-21ubuntu1', + architecture: 'amd64', + condition: 'Package less or equal than 6.00', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-1000035', + title: 'CVE-2018-1000035 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.', + severity: 'High', + published: '2018-02-09', + updated: '2020-01-29', + state: 'Fixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838', + ], + references: [ + 'https://lists.debian.org/debian-lts-announce/2020/01/msg00026.html', + 'https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + 'https://security.gentoo.org/glsa/202003-58', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-1000035', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-1000035.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035', + 'https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-1747 affects python3-yaml', + id: '23505', + firedtimes: 44, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.12-1build2', + architecture: 'amd64', + condition: 'Package less than 5.3.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '10', + }, + }, + cve: 'CVE-2020-1747', + title: + 'A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.', + severity: 'High', + published: '2020-03-24', + updated: '2020-05-11', + state: 'Fixed', + cwe_reference: 'CWE-20', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00017.html', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1747', + 'https://github.com/yaml/pyyaml/pull/386', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K5HEPD7LEVDPCITY5IMDYWXUMX37VFMY/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WORRFHPQVAFKKXXWLSSW6XKUYLWM6CSH/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBJA3SGNJKCAYPSHOHWY3KBCWNM5NYK2/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1747', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-18684 affects sudo', + id: '23504', + firedtimes: 87, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.21p2-3ubuntu1.2', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '6.900000', + }, + }, + cve: 'CVE-2019-18684', + title: + '** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to root if they have write access to file descriptor 3 of the sudo process. This occurs because of a race condition between determining a uid, and the setresuid and openat system calls. The attacker can write "ALL ALL=(ALL) NOPASSWD:ALL" to /proc/#####/fd/3 at a time when Sudo is prompting for a password. NOTE: This has been disputed due to the way Linux /proc works. It has been argued that writing to /proc/#####/fd/3 would only be viable if you had permission to write to /etc/sudoers. Even with write permission to /proc/#####/fd/3, it would not help you write to /etc/sudoers.', + severity: 'Medium', + published: '2019-11-04', + updated: '2019-11-08', + state: 'Fixed', + cwe_reference: 'CWE-362', + references: [ + 'https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18684', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20482 affects tar', + id: '23504', + firedtimes: 88, + }, + data: { + vulnerability: { + package: { + name: 'tar', + version: '1.29b-2ubuntu0.1', + architecture: 'amd64', + condition: 'Package less or equal than 1.30', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.700000', + }, + }, + cve: 'CVE-2018-20482', + title: 'CVE-2018-20482 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + "GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c) by modifying a file that is supposed to be archived by a different user's process (e.g., a system backup running as root).", + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-835', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917377', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1662346', + ], + references: [ + 'http://git.savannah.gnu.org/cgit/tar.git/commit/?id=c15c42ccd1e2377945fd0414eca1a49294bff454', + 'http://lists.gnu.org/archive/html/bug-tar/2018-12/msg00023.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00077.html', + 'http://www.securityfocus.com/bid/106354', + 'https://lists.debian.org/debian-lts-announce/2018/12/msg00023.html', + 'https://news.ycombinator.com/item?id=18745431', + 'https://security.gentoo.org/glsa/201903-05', + 'https://twitter.com/thatcks/status/1076166645708668928', + 'https://utcc.utoronto.ca/~cks/space/blog/sysadmin/TarFindingTruncateBug', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20482', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20482.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20482', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2015-2987 affects ed', + id: '23503', + firedtimes: 9, + }, + data: { + vulnerability: { + package: { + name: 'ed', + version: '1.10-2.1', + architecture: 'amd64', + condition: 'Package less or equal than 3.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.600000', + }, + }, + cve: 'CVE-2015-2987', + title: + 'Type74 ED before 4.0 misuses 128-bit ECB encryption for small files, which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.', + severity: 'Low', + published: '2015-08-28', + updated: '2015-08-31', + state: 'Fixed', + cwe_reference: 'CWE-17', + references: [ + 'http://jvn.jp/en/jp/JVN91474878/index.html', + 'http://jvndb.jvn.jp/jvndb/JVNDB-2015-000119', + 'http://type74.org/edman5-1.php', + 'http://type74org.blog14.fc2.com/blog-entry-1384.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-2987', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-8769 affects elfutils', + id: '23505', + firedtimes: 45, + }, + data: { + vulnerability: { + package: { + name: 'elfutils', + version: '0.170-0.4ubuntu0.1', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-8769', + title: + 'elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.', + severity: 'High', + published: '2018-03-18', + updated: '2019-10-03', + state: 'Pending confirmation', + cwe_reference: 'CWE-125', + references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22976', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8769', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1552 affects openssl', + id: '23503', + firedtimes: 11, + }, + data: { + vulnerability: { + package: { + name: 'openssl', + version: '1.1.1-1ubuntu2.1~18.04.6', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.1.1 and less or equal than 1.1.1c', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '1.900000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2019-1552', + title: + "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).", + severity: 'Low', + published: '2019-07-30', + updated: '2019-08-23', + state: 'Fixed', + cwe_reference: 'CWE-295', + references: [ + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=54aa9d51b09d67e90db443f682cface795f5af9e', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b15a19c148384e73338aa7c5b12652138e35ed28', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=d333ebaf9c77332754a9d5e111e2f53e1de54fdd', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e32bc855a81a2d48d215c506bdeb4f598045f7e9', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/', + 'https://security.netapp.com/advisory/ntap-20190823-0006/', + 'https://support.f5.com/csp/article/K94041354', + 'https://support.f5.com/csp/article/K94041354?utm_source=f5support&utm_medium=RSS', + 'https://www.openssl.org/news/secadv/20190730.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1552', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects libc-bin', + id: '23503', + firedtimes: 12, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-1752 affects multiarch-support', + id: '23503', + firedtimes: 17, + }, + data: { + vulnerability: { + package: { + name: 'multiarch-support', + source: 'glibc', + version: '2.27-3ubuntu1', + architecture: 'amd64', + condition: 'Package less than 2.32.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + }, + cve: 'CVE-2020-1752', + title: 'CVE-2020-1752 on Ubuntu 18.04 LTS (bionic) - medium.', + rationale: + 'A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processed by the glob function, would potentially lead to arbitrary code execution. This was fixed in version 2.32.', + severity: 'Low', + published: '2020-04-30', + updated: '2020-05-18', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1752', + 'https://security.netapp.com/advisory/ntap-20200511-0005/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=25414', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ddc650e9b3dc916eab417ce9f79e67337b05035c', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1752', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1752.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1752', + 'https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=263e6175999bc7f5adb8b32fd12fcfae3f0bb05a;hp=37db4539dd8b5c098d9235249c5d2aedaa67d7d1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects libsqlite3-0', + id: '23503', + firedtimes: 18, + }, + data: { + vulnerability: { + package: { + name: 'libsqlite3-0', + source: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-19645 affects sqlite3', + id: '23503', + firedtimes: 19, + }, + data: { + vulnerability: { + package: { + name: 'sqlite3', + version: '3.22.0-1ubuntu0.3', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2019-19645', + title: 'CVE-2019-19645 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements.', + severity: 'Low', + published: '2019-12-09', + updated: '2019-12-23', + state: 'Unfixed', + cwe_reference: 'CWE-674', + references: [ + 'https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06', + 'https://security.netapp.com/advisory/ntap-20191223-0001/', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19645', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19645.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects passwd', + id: '23503', + firedtimes: 21, + }, + data: { + vulnerability: { + package: { + name: 'passwd', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2013-4235 affects login', + id: '23503', + firedtimes: 20, + }, + data: { + vulnerability: { + package: { + name: 'login', + source: 'shadow', + version: '1:4.5-1ubuntu2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.300000', + }, + }, + cve: 'CVE-2013-4235', + title: 'CVE-2013-4235 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees', + severity: 'Low', + published: '2019-12-03', + updated: '2019-12-13', + state: 'Unfixed', + cwe_reference: 'CWE-367', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778950', + 'https://bugzilla.redhat.com/show_bug.cgi?id=884658', + ], + references: [ + 'https://access.redhat.com/security/cve/cve-2013-4235', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235', + 'https://security-tracker.debian.org/tracker/CVE-2013-4235', + 'https://nvd.nist.gov/vuln/detail/CVE-2013-4235', + 'http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-4235.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1003010 affects git', + id: '23504', + firedtimes: 162, + }, + data: { + vulnerability: { + package: { + name: 'git', + version: '1:2.17.1-1ubuntu0.7', + architecture: 'amd64', + condition: 'Package less or equal than 3.9.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2019-1003010', + title: + 'A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.', + severity: 'Medium', + published: '2019-02-06', + updated: '2019-04-26', + state: 'Fixed', + cwe_reference: 'CWE-352', + references: [ + 'https://access.redhat.com/errata/RHBA-2019:0326', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1095', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1003010', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2020-9366 affects screen', + id: '23505', + firedtimes: 77, + }, + data: { + vulnerability: { + package: { + name: 'screen', + version: '4.6.2-1ubuntu1', + architecture: 'amd64', + condition: 'Package less than 4.8.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2020-9366', + title: + 'A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.', + severity: 'High', + published: '2020-02-24', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-120', + references: [ + 'http://www.openwall.com/lists/oss-security/2020/02/25/1', + 'https://lists.gnu.org/archive/html/screen-devel/2020-02/msg00007.html', + 'https://security.gentoo.org/glsa/202003-62', + 'https://www.openwall.com/lists/oss-security/2020/02/06/3', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-9366', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-15847 affects gcc', + id: '23505', + firedtimes: 86, + }, + data: { + vulnerability: { + package: { + name: 'gcc', + source: 'gcc-defaults', + version: '4:7.4.0-1ubuntu2.3', + architecture: 'amd64', + condition: 'Package less than 10.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-15847', + title: 'CVE-2019-15847 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'The POWER9 backend in GNU Compiler Collection (GCC) before version 10 could optimize multiple calls of the __builtin_darn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single execution of a program, the output of every __builtin_darn() call may be the same.', + severity: 'High', + published: '2019-09-02', + updated: '2020-05-26', + state: 'Fixed', + cwe_reference: 'CWE-331', + bugzilla_references: [ + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html', + 'https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-15847', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15847.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15847', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-14988 affects libopenexr22', + id: '23504', + firedtimes: 189, + }, + data: { + vulnerability: { + package: { + name: 'libopenexr22', + source: 'openexr', + version: '2.2.0-11.1ubuntu1.2', + architecture: 'amd64', + condition: 'Package matches a vulnerable version', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-14988', + title: + "** DISPUTED ** Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid.", + severity: 'Medium', + published: '2017-10-03', + updated: '2019-09-23', + state: 'Pending confirmation', + cwe_reference: 'CWE-400', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00063.html', + 'https://github.com/openexr/openexr/issues/248', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-14988', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2', + id: '23504', + firedtimes: 190, + }, + data: { + vulnerability: { + package: { + name: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-bin', + id: '23504', + firedtimes: 191, + }, + data: { + vulnerability: { + package: { + name: 'apache2-bin', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-data', + id: '23504', + firedtimes: 192, + }, + data: { + vulnerability: { + package: { + name: 'apache2-data', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2020-1927 affects apache2-utils', + id: '23504', + firedtimes: 193, + }, + data: { + vulnerability: { + package: { + name: 'apache2-utils', + source: 'apache2', + version: '2.4.29-1ubuntu4.13', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2020-1927', + title: 'CVE-2020-1927 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.', + severity: 'Medium', + published: '2020-04-02', + updated: '2020-04-03', + state: 'Unfixed', + cwe_reference: 'CWE-601', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00002.html', + 'http://www.openwall.com/lists/oss-security/2020/04/03/1', + 'http://www.openwall.com/lists/oss-security/2020/04/04/1', + 'https://httpd.apache.org/security/vulnerabilities_24.html', + 'https://lists.apache.org/thread.html/r10b853ea87dd150b0e76fda3f8254dfdb23dd05fa55596405b58478e@%3Ccvs.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r1719675306dfbeaceff3dc63ccad3de2d5615919ca3c13276948b9ac@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r52a52fd60a258f5999a8fa5424b30d9fd795885f9ff4828d889cd201@%3Cdev.httpd.apache.org%3E', + 'https://lists.apache.org/thread.html/r70ba652b79ba224b2cbc0a183078b3a49df783b419903e3dcf4d78c7@%3Ccvs.httpd.apache.org%3E', + 'https://security.netapp.com/advisory/ntap-20200413-0002/', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-1927', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1927', + 'https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-1927', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-client', + id: '23504', + firedtimes: 197, + }, + data: { + vulnerability: { + package: { + name: 'openssh-client', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-15919 affects openssh-server', + id: '23504', + firedtimes: 198, + }, + data: { + vulnerability: { + package: { + name: 'openssh-server', + source: 'openssh', + version: '1:7.6p1-4ubuntu0.3', + architecture: 'amd64', + condition: + 'Package greater or equal than 5.9 and less or equal than 7.8', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'low', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-15919', + title: 'CVE-2018-15919 on Ubuntu 18.04 LTS (bionic) - low.', + rationale: + 'Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states \'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.\'', + severity: 'Medium', + published: '2018-08-28', + updated: '2019-03-07', + state: 'Fixed', + cwe_reference: 'CWE-200', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907503', + 'https://bugzilla.novell.com/show_bug.cgi?id=CVE-2018-15919', + ], + references: [ + 'http://seclists.org/oss-sec/2018/q3/180', + 'http://www.securityfocus.com/bid/105163', + 'https://security.netapp.com/advisory/ntap-20181221-0001/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-15919', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-15919.html', + 'http://www.openwall.com/lists/oss-security/2018/08/27/2', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15919', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17595 affects ncurses-base', + id: '23504', + firedtimes: 222, + }, + data: { + vulnerability: { + package: { + name: 'ncurses-base', + source: 'ncurses', + version: '6.1-1ubuntu1.18.04', + architecture: 'all', + condition: 'Package less than 6.1.20191012', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5.800000', + }, + }, + cve: 'CVE-2019-17595', + title: 'CVE-2019-17595 on Ubuntu 18.04 LTS (bionic) - negligible.', + rationale: + 'There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012.', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-12-23', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942401', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html', + 'https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17595', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17595.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-17543 affects liblz4-1', + id: '23504', + firedtimes: 244, + }, + data: { + vulnerability: { + package: { + name: 'liblz4-1', + source: 'lz4', + version: '0.0~r131-2ubuntu2', + architecture: 'amd64', + condition: 'Package less than 1.9.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2019-17543', + title: 'CVE-2019-17543 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with a large input. (This issue can also lead to data corruption.) NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."', + severity: 'Medium', + published: '2019-10-14', + updated: '2019-10-24', + state: 'Fixed', + cwe_reference: 'CWE-120', + bugzilla_references: [ + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943680', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html', + 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941', + 'https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2', + 'https://github.com/lz4/lz4/issues/801', + 'https://github.com/lz4/lz4/pull/756', + 'https://github.com/lz4/lz4/pull/760', + 'https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E', + 'https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-17543', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-17543.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17543', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-20217 affects libkrb5-3', + id: '23504', + firedtimes: 254, + }, + data: { + vulnerability: { + package: { + name: 'libkrb5-3', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'single', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '3.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2018-20217', + title: 'CVE-2018-20217 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request.', + severity: 'Medium', + published: '2018-12-26', + updated: '2019-10-03', + state: 'Unfixed', + cwe_reference: 'CWE-617', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917387', + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + ], + references: [ + 'http://krbdev.mit.edu/rt/Ticket/Display.html?id=8763', + 'https://github.com/krb5/krb5/commit/5e6d1796106df8ba6bc1973ee0917c170d929086', + 'https://lists.debian.org/debian-lts-announce/2019/01/msg00020.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2KNHELH4YHNT6H2ESJWX2UIDXLBNGB2O/', + 'https://security.netapp.com/advisory/ntap-20190416-0006/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20217', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-20217.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20217', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-14036 affects accountsservice', + id: '23504', + firedtimes: 256, + }, + data: { + vulnerability: { + package: { + name: 'accountsservice', + version: '0.6.40-2ubuntu11.3', + architecture: 'amd64', + condition: 'Package less than 0.6.50', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'single', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '4', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '6.500000', + }, + }, + cve: 'CVE-2018-14036', + title: 'CVE-2018-14036 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.', + severity: 'Medium', + published: '2018-07-13', + updated: '2018-09-06', + state: 'Fixed', + cwe_reference: 'CWE-22', + bugzilla_references: [ + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2018/07/02/2', + 'http://www.securityfocus.com/bid/104757', + 'https://bugs.freedesktop.org/show_bug.cgi?id=107085', + 'https://bugzilla.suse.com/show_bug.cgi?id=1099699', + 'https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-14036', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14036.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14036', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-7244 affects libpcre3', + id: '23504', + firedtimes: 265, + }, + data: { + vulnerability: { + package: { + name: 'libpcre3', + source: 'pcre3', + version: '2:8.38-3.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2017-7244', + title: 'CVE-2017-7244 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file.', + severity: 'Medium', + published: '2017-03-23', + updated: '2018-08-17', + state: 'Unfixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858683', + 'https://bugs.exim.org/show_bug.cgi?id=2052', + 'https://bugs.exim.org/show_bug.cgi?id=2054', + ], + references: [ + 'http://www.securityfocus.com/bid/97067', + 'https://access.redhat.com/errata/RHSA-2018:2486', + 'https://blogs.gentoo.org/ago/2017/03/20/libpcre-invalid-memory-read-in-_pcre32_xclass-pcre_xclass-c/', + 'https://security.gentoo.org/glsa/201710-25', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-7244', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-7244.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7244', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2020-8631 affects grub-legacy-ec2', + id: '23503', + firedtimes: 32, + }, + data: { + vulnerability: { + package: { + name: 'grub-legacy-ec2', + source: 'cloud-init', + version: '19.4-33-gbb4131a2-0ubuntu1~16.04.1', + architecture: 'all', + condition: 'Package less or equal than 19.4', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + }, + cve: 'CVE-2020-8631', + title: 'CVE-2020-8631 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.', + severity: 'Low', + published: '2020-02-05', + updated: '2020-02-21', + state: 'Fixed', + cwe_reference: 'CWE-330', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00042.html', + 'https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1860795', + 'https://github.com/canonical/cloud-init/pull/204', + 'https://lists.debian.org/debian-lts-announce/2020/02/msg00021.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2020-8631', + 'http://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-8631.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8631', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-20079 affects vim', + id: '23505', + firedtimes: 109, + }, + data: { + vulnerability: { + package: { + name: 'vim', + version: '2:7.4.1689-3ubuntu1.4', + architecture: 'amd64', + condition: 'Package less than 8.1.2136', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-20079', + title: + 'The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory.', + severity: 'High', + published: '2019-12-30', + updated: '2020-03-30', + state: 'Fixed', + cwe_reference: 'CWE-416', + references: [ + 'https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421', + 'https://github.com/vim/vim/compare/v8.1.2135...v8.1.2136', + 'https://packetstormsecurity.com/files/154898', + 'https://usn.ubuntu.com/4309-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-20079', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-4484 affects cryptsetup', + id: '23504', + firedtimes: 290, + }, + data: { + vulnerability: { + package: { + name: 'cryptsetup', + version: '2:1.6.6-5ubuntu2.1', + architecture: 'amd64', + condition: 'Package less or equal than 2.1.7.3-2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.800000', + }, + }, + cve: 'CVE-2016-4484', + title: 'CVE-2016-4484 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.', + severity: 'Medium', + published: '2017-01-23', + updated: '2017-01-26', + state: 'Fixed', + cwe_reference: 'CWE-287', + bugzilla_references: ['https://launchpad.net/bugs/1660701'], + references: [ + 'http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html', + 'http://www.openwall.com/lists/oss-security/2016/11/14/13', + 'http://www.openwall.com/lists/oss-security/2016/11/15/1', + 'http://www.openwall.com/lists/oss-security/2016/11/15/4', + 'http://www.openwall.com/lists/oss-security/2016/11/16/6', + 'http://www.securityfocus.com/bid/94315', + 'https://gitlab.com/cryptsetup/cryptsetup/commit/ef8a7d82d8d3716ae9b58179590f7908981fa0cb', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-4484', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4484', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-13050 affects gnupg', + id: '23505', + firedtimes: 114, + }, + data: { + vulnerability: { + package: { + name: 'gnupg', + version: '1.4.20-1ubuntu3.3', + architecture: 'amd64', + condition: 'Package less or equal than 2.2.16', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '7.500000', + }, + }, + cve: 'CVE-2019-13050', + title: 'CVE-2019-13050 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.', + severity: 'High', + published: '2019-06-29', + updated: '2019-07-09', + state: 'Fixed', + cwe_reference: 'CWE-297', + bugzilla_references: [ + 'https://bugs.launchpad.net/bugs/1844059', + 'https://bugzilla.suse.com/show_bug.cgi?id=CVE-2019-13050', + 'https://dev.gnupg.org/T4591', + 'https://dev.gnupg.org/T4607', + 'https://dev.gnupg.org/T4628', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html', + 'https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html', + 'https://support.f5.com/csp/article/K08654551', + 'https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS', + 'https://twitter.com/lambdafu/status/1147162583969009664', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-13050', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-13050.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects mount', + id: '23505', + firedtimes: 128, + }, + data: { + vulnerability: { + package: { + name: 'mount', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects util-linux', + id: '23505', + firedtimes: 129, + }, + data: { + vulnerability: { + package: { + name: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-7738 affects uuid-runtime', + id: '23505', + firedtimes: 130, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package less or equal than 2.31', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-7738', + title: 'CVE-2018-7738 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion.', + severity: 'High', + published: '2018-03-07', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892179', + 'https://github.com/karelzak/util-linux/issues/539', + ], + references: [ + 'http://www.securityfocus.com/bid/103367', + 'https://bugs.debian.org/892179', + 'https://github.com/karelzak/util-linux/commit/75f03badd7ed9f1dd951863d75e756883d3acc55', + 'https://github.com/karelzak/util-linux/issues/539', + 'https://www.debian.org/security/2018/dsa-4134', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-7738', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-7738.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7738', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 5, + description: 'CVE-2019-1547 affects libssl1.0.0', + id: '23503', + firedtimes: 35, + }, + data: { + vulnerability: { + package: { + name: 'libssl1.0.0', + source: 'openssl', + version: '1.0.2g-1ubuntu4.15', + architecture: 'amd64', + condition: + 'Package greater or equal than 1.0.2 and less or equal than 1.0.2s', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '1.900000', + }, + }, + cve: 'CVE-2019-1547', + title: 'CVE-2019-1547 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).', + severity: 'Low', + published: '2019-09-10', + updated: '2019-09-12', + state: 'Fixed', + cwe_reference: 'CWE-311', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00072.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00012.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00016.html', + 'http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html', + 'https://arxiv.org/abs/1909.01785', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8', + 'https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a', + 'https://lists.debian.org/debian-lts-announce/2019/09/msg00026.html', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZN4VVQJ3JDCHGIHV4Y2YTXBYQZ6PWQ7E/', + 'https://seclists.org/bugtraq/2019/Oct/0', + 'https://seclists.org/bugtraq/2019/Oct/1', + 'https://seclists.org/bugtraq/2019/Sep/25', + 'https://security.gentoo.org/glsa/201911-04', + 'https://security.netapp.com/advisory/ntap-20190919-0002/', + 'https://security.netapp.com/advisory/ntap-20200122-0002/', + 'https://support.f5.com/csp/article/K73422160?utm_source=f5support&utm_medium=RSS', + 'https://www.debian.org/security/2019/dsa-4539', + 'https://www.debian.org/security/2019/dsa-4540', + 'https://www.openssl.org/news/secadv/20190910.txt', + 'https://www.oracle.com/security-alerts/cpuapr2020.html', + 'https://www.oracle.com/security-alerts/cpujan2020.html', + 'https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html', + 'https://www.tenable.com/security/tns-2019-08', + 'https://www.tenable.com/security/tns-2019-09', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1547', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1547.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1547', + 'https://usn.ubuntu.com/usn/usn-4376-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-3843 affects systemd', + id: '23505', + firedtimes: 134, + }, + data: { + vulnerability: { + package: { + name: 'systemd', + version: '229-4ubuntu21.27', + architecture: 'amd64', + condition: 'Package less than 242', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '4.600000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2019-3843', + title: + 'It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.', + severity: 'High', + published: '2019-04-26', + updated: '2019-06-19', + state: 'Fixed', + cwe_reference: 'CWE-264', + references: [ + 'http://www.securityfocus.com/bid/108116', + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/', + 'https://security.netapp.com/advisory/ntap-20190619-0002/', + 'https://usn.ubuntu.com/4269-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-3843', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-11727 affects thunderbird', + id: '23504', + firedtimes: 312, + }, + data: { + vulnerability: { + package: { + name: 'thunderbird', + version: '1:68.8.0+build2-0ubuntu0.16.04.2', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'low', + availability: 'none', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2019-11727', + title: 'CVE-2019-11727 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatures should not be used for TLS 1.3 messages. This vulnerability affects Firefox < 68.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-07-30', + state: 'Unfixed', + cwe_reference: 'CWE-295', + bugzilla_references: [ + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + ], + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00009.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00010.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00011.html', + 'http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00017.html', + 'http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html', + 'https://access.redhat.com/errata/RHSA-2019:1951', + 'https://bugzilla.mozilla.org/show_bug.cgi?id=1552208', + 'https://security.gentoo.org/glsa/201908-12', + 'https://www.mozilla.org/security/advisories/mfsa2019-21/', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-11727', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-11727.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11727', + 'https://usn.ubuntu.com/usn/usn-4054-1', + 'https://usn.ubuntu.com/usn/usn-4060-1', + 'https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2019-18276 affects bash', + id: '23505', + firedtimes: 158, + }, + data: { + vulnerability: { + package: { + name: 'bash', + version: '4.3-14ubuntu1.4', + architecture: 'amd64', + condition: 'Package less or equal than 5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'complete', + integrity_impact: 'complete', + availability: 'complete', + }, + base_score: '7.200000', + }, + }, + cve: 'CVE-2019-18276', + title: 'CVE-2019-18276 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it does so incorrectly. On Linux and other systems that support "saved UID" functionality, the saved UID is not dropped. An attacker with command execution in the shell can use "enable -f" for runtime loading of a new builtin, which can be a shared object that calls setuid() and therefore regains privileges. However, binaries running with an effective UID of 0 are unaffected.', + severity: 'High', + published: '2019-11-28', + updated: '2020-04-30', + state: 'Fixed', + cwe_reference: 'CWE-273', + bugzilla_references: [ + 'https://bugzilla.suse.com/show_bug.cgi?id=1158028', + ], + references: [ + 'http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html', + 'https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff', + 'https://security.netapp.com/advisory/ntap-20200430-0003/', + 'https://www.youtube.com/watch?v=-wGtxJ8opa8', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-18276', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18276.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2017-9502 affects curl', + id: '23504', + firedtimes: 334, + }, + data: { + vulnerability: { + package: { + name: 'curl', + version: '7.47.0-1ubuntu2.14', + architecture: 'amd64', + condition: 'Package less or equal than 7.54.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '5', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'low', + }, + base_score: '5.300000', + }, + }, + cve: 'CVE-2017-9502', + title: + 'In curl before 7.54.1 on Windows and DOS, libcurl\'s default protocol function, which is the logic that allows an application to set which protocol libcurl should attempt to use when given a URL without a scheme part, had a flaw that could lead to it overwriting a heap based memory buffer with seven bytes. If the default protocol is specified to be FILE or a file: URL lacks two slashes, the given "URL" starts with a drive letter, and libcurl is built for Windows or DOS, then libcurl would copy the path 7 bytes off, so that the end of the given path would write beyond the malloc buffer (7 bytes being the length in bytes of the ascii string "file://").', + severity: 'Medium', + published: '2017-06-14', + updated: '2017-07-08', + state: 'Fixed', + cwe_reference: 'CWE-119', + references: [ + 'http://openwall.com/lists/oss-security/2017/06/14/1', + 'http://www.securityfocus.com/bid/99120', + 'http://www.securitytracker.com/id/1038697', + 'https://curl.haxx.se/docs/adv_20170614.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-9502', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 10, + description: 'CVE-2018-20483 affects wget', + id: '23505', + firedtimes: 175, + }, + data: { + vulnerability: { + package: { + name: 'wget', + version: '1.17.1-1ubuntu1.5', + architecture: 'amd64', + condition: 'Package less than 1.20.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '2.100000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'low', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '7.800000', + }, + }, + cve: 'CVE-2018-20483', + title: + "set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl.", + severity: 'High', + published: '2018-12-26', + updated: '2019-04-09', + state: 'Fixed', + cwe_reference: 'CWE-255', + references: [ + 'http://git.savannah.gnu.org/cgit/wget.git/tree/NEWS', + 'http://www.securityfocus.com/bid/106358', + 'https://access.redhat.com/errata/RHSA-2019:3701', + 'https://security.gentoo.org/glsa/201903-08', + 'https://security.netapp.com/advisory/ntap-20190321-0002/', + 'https://twitter.com/marcan42/status/1077676739877232640', + 'https://usn.ubuntu.com/3943-1/', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-20483', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-1010204 affects binutils', + id: '23504', + firedtimes: 369, + }, + data: { + vulnerability: { + package: { + name: 'binutils', + version: '2.26.1-1ubuntu1~16.04.8', + architecture: 'amd64', + condition: + 'Package greater or equal than 2.21 and less or equal than 2.31.1', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2019-1010204', + title: 'CVE-2019-1010204 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcpp_file.h:644. The attack vector is: An ELF file with an invalid e_shoff header field must be opened.', + severity: 'Medium', + published: '2019-07-23', + updated: '2019-08-22', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + ], + references: [ + 'https://security.netapp.com/advisory/ntap-20190822-0001/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=23765', + 'https://support.f5.com/csp/article/K05032915?utm_source=f5support&utm_medium=RSS', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-1010204', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-1010204.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010204', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-14855 affects dirmngr', + id: '23504', + firedtimes: 382, + }, + data: { + vulnerability: { + package: { + name: 'dirmngr', + source: 'gnupg2', + version: '2.1.11-6ubuntu2.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'none', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-14855', + title: 'CVE-2019-14855 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.', + severity: 'Medium', + published: '2020-03-20', + updated: '2020-03-24', + state: 'Unfixed', + cwe_reference: 'CWE-327', + bugzilla_references: ['https://dev.gnupg.org/T4755'], + references: [ + 'https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14855', + 'https://dev.gnupg.org/T4755', + 'https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html', + 'https://rwc.iacr.org/2020/slides/Leurent.pdf', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-14855', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14855.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14855', + 'https://eprint.iacr.org/2020/014.pdf', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2016-5011 affects uuid-runtime', + id: '23504', + firedtimes: 395, + }, + data: { + vulnerability: { + package: { + name: 'uuid-runtime', + source: 'util-linux', + version: '2.27.1-6ubuntu3.10', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'complete', + }, + base_score: '4.700000', + }, + cvss3: { + vector: { + attack_vector: 'physical', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '4.300000', + }, + }, + cve: 'CVE-2016-5011', + title: 'CVE-2016-5011 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.', + severity: 'Medium', + published: '2017-04-11', + updated: '2017-04-17', + state: 'Unfixed', + cwe_reference: 'CWE-399', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830802', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1349536', + ], + references: [ + 'http://rhn.redhat.com/errata/RHSA-2016-2605.html', + 'http://www.openwall.com/lists/oss-security/2016/07/11/2', + 'http://www.securityfocus.com/bid/91683', + 'http://www.securitytracker.com/id/1036272', + 'http://www-01.ibm.com/support/docview.wss?uid=isg3T1024543', + 'http://www-01.ibm.com/support/docview.wss?uid=nas8N1021801', + 'https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/commit/?id=7164a1c3', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-5011', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5011.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5011', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2015-5191 affects open-vm-tools', + id: '23504', + firedtimes: 396, + }, + data: { + vulnerability: { + package: { + name: 'open-vm-tools', + version: '2:10.2.0-3~ubuntu0.16.04.1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '3.700000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'high', + privileges_required: 'low', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '6.700000', + }, + }, + cve: 'CVE-2015-5191', + title: 'CVE-2015-5191 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H', + severity: 'Medium', + published: '2017-07-28', + updated: '2017-08-08', + state: 'Unfixed', + cwe_reference: 'CWE-362', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869633', + ], + references: [ + 'http://www.securityfocus.com/bid/100011', + 'http://www.securitytracker.com/id/1039013', + 'https://www.vmware.com/security/advisories/VMSA-2017-0013.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2015-5191', + 'http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-5191.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5191', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2018-8975 affects netpbm', + id: '23504', + firedtimes: 397, + }, + data: { + vulnerability: { + package: { + name: 'netpbm', + source: 'netpbm-free', + version: '2:10.0-15.3', + architecture: 'amd64', + condition: 'Package less or equal than 10.81.03', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'medium', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'partial', + }, + base_score: '4.300000', + }, + cvss3: { + vector: { + attack_vector: 'local', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'required', + scope: 'unchanged', + confidentiality_impact: 'none', + integrity_impact: 'none', + availability: 'high', + }, + base_score: '5.500000', + }, + }, + cve: 'CVE-2018-8975', + title: + 'The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask.', + severity: 'Medium', + published: '2018-03-25', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-125', + references: [ + 'http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00056.html', + 'https://github.com/xiaoqx/pocs/blob/master/netpbm', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-8975', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 7, + description: 'CVE-2019-19232 affects sudo', + id: '23504', + firedtimes: 398, + }, + data: { + vulnerability: { + package: { + name: 'sudo', + version: '1.8.16-0ubuntu1.9', + architecture: 'amd64', + condition: 'Package less or equal than 1.8.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'none', + integrity_impact: 'partial', + availability: 'none', + }, + base_score: '5', + }, + }, + cve: 'CVE-2019-19232', + title: 'CVE-2019-19232 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + '** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions.', + severity: 'Medium', + published: '2019-12-19', + updated: '2020-01-30', + state: 'Fixed', + cwe_reference: 'NVD-CWE-noinfo', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947225', + ], + references: [ + 'http://seclists.org/fulldisclosure/2020/Mar/31', + 'https://access.redhat.com/security/cve/cve-2019-19232', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979', + 'https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870', + 'https://security.netapp.com/advisory/ntap-20200103-0004/', + 'https://support.apple.com/en-gb/HT211100', + 'https://support.apple.com/kb/HT211100', + 'https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2019-19232', + 'https://support2.windriver.com/index.php?page=defects&on=view&id=LIN1018-5506', + 'https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html', + 'https://www.oracle.com/security-alerts/bulletinapr2020.html', + 'https://www.sudo.ws/devel.html#1.8.30b2', + 'https://www.sudo.ws/stable.html', + 'https://www.tenable.com/plugins/nessus/133936', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-19232', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19232.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19232', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-12588 affects rsyslog', + id: '23506', + firedtimes: 64, + }, + data: { + vulnerability: { + package: { + name: 'rsyslog', + version: '8.16.0-1ubuntu3.1', + architecture: 'amd64', + condition: 'Package less or equal than 8.27.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-12588', + title: + 'The zmq3 input and output modules in rsyslog before 8.28.0 interpreted description fields as format strings, possibly allowing a format string attack with unspecified impact.', + severity: 'Critical', + published: '2017-08-06', + updated: '2017-08-14', + state: 'Fixed', + cwe_reference: 'CWE-134', + references: [ + 'https://github.com/rsyslog/rsyslog/blob/master/ChangeLog', + 'https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b', + 'https://github.com/rsyslog/rsyslog/pull/1565', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-12588', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-18342 affects python3-yaml', + id: '23506', + firedtimes: 65, + }, + data: { + vulnerability: { + package: { + name: 'python3-yaml', + source: 'pyyaml', + version: '3.11-3build1', + architecture: 'amd64', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-18342', + title: 'CVE-2017-18342 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + "In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data. The load() function has been deprecated in version 5.1 and the 'UnsafeLoader' has been introduced for backward compatibility with the function.", + severity: 'Critical', + published: '2018-06-27', + updated: '2019-06-24', + state: 'Unfixed', + cwe_reference: 'CWE-20', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902878', + ], + references: [ + 'https://github.com/marshmallow-code/apispec/issues/278', + 'https://github.com/yaml/pyyaml/blob/master/CHANGES', + 'https://github.com/yaml/pyyaml/issues/193', + 'https://github.com/yaml/pyyaml/pull/74', + 'https://github.com/yaml/pyyaml/wiki/PyYAML-yaml.load(input)-Deprecation', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEX7IPV5P2QJITAMA5Z63GQCZA5I6NVZ/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSQQMRUQSXBSUXLCRD3TSZYQ7SEZRKCE/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6JCFGEIEOFMWWIXGHSELMKQDD4CV2BA/', + 'https://security.gentoo.org/glsa/202003-45', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-18342', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18342.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18342', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15994 affects rsync', + id: '23506', + firedtimes: 66, + }, + data: { + vulnerability: { + package: { + name: 'rsync', + version: '3.1.1-3ubuntu1.3', + architecture: 'amd64', + condition: 'Package less or equal than 3.1.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15994', + title: + 'rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has significant use beyond the rsync developers, e.g., the code has been copied for use in various GitHub projects.', + severity: 'Critical', + published: '2017-10-29', + updated: '2019-10-03', + state: 'Fixed', + cwe_reference: 'CWE-354', + references: [ + 'https://git.samba.org/?p=rsync.git;a=commit;h=7b8a4ecd6ff9cdf4e5d3850ebf822f1e989255b3', + 'https://git.samba.org/?p=rsync.git;a=commit;h=9a480deec4d20277d8e20bc55515ef0640ca1e55', + 'https://git.samba.org/?p=rsync.git;a=commit;h=c252546ceeb0925eb8a4061315e3ff0a8c55b48b', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15994', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2019-9169 affects libc6', + id: '23506', + firedtimes: 68, + }, + data: { + vulnerability: { + package: { + name: 'libc6', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.29', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2019-9169', + title: 'CVE-2019-9169 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.', + severity: 'Critical', + published: '2019-02-26', + updated: '2019-04-16', + state: 'Fixed', + cwe_reference: 'CWE-125', + bugzilla_references: [ + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + ], + references: [ + 'http://www.securityfocus.com/bid/107160', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140', + 'https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142', + 'https://kc.mcafee.com/corporate/index?page=content&id=SB10278', + 'https://security.netapp.com/advisory/ntap-20190315-0002/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=24114', + 'https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9', + 'https://support.f5.com/csp/article/K54823184', + 'https://nvd.nist.gov/vuln/detail/CVE-2019-9169', + 'http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-9169.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9169', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2017-15088 affects krb5-locales', + id: '23506', + firedtimes: 73, + }, + data: { + vulnerability: { + package: { + name: 'krb5-locales', + source: 'krb5', + version: '1.13.2+dfsg-5ubuntu2.1', + architecture: 'all', + condition: 'Package unfixed', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2017-15088', + title: 'CVE-2017-15088 on Ubuntu 16.04 LTS (xenial) - negligible.', + rationale: + 'plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) in situations involving untrusted X.509 data, related to the get_matching_data and X509_NAME_oneline_ex functions. NOTE: this has security relevance only in use cases outside of the MIT Kerberos distribution, e.g., the use of get_matching_data in KDC certauth plugin code that is specific to Red Hat.', + severity: 'Critical', + published: '2017-11-23', + updated: '2019-10-09', + state: 'Unfixed', + cwe_reference: 'CWE-119', + bugzilla_references: [ + 'http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + ], + references: [ + 'http://www.securityfocus.com/bid/101594', + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871698', + 'https://bugzilla.redhat.com/show_bug.cgi?id=1504045', + 'https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4', + 'https://github.com/krb5/krb5/pull/707', + 'https://nvd.nist.gov/vuln/detail/CVE-2017-15088', + 'http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-15088.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15088', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2018-6485 affects libc-bin', + id: '23506', + firedtimes: 78, + }, + data: { + vulnerability: { + package: { + name: 'libc-bin', + source: 'glibc', + version: '2.23-0ubuntu11', + architecture: 'amd64', + condition: 'Package less or equal than 2.26', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2018-6485', + title: 'CVE-2018-6485 on Ubuntu 16.04 LTS (xenial) - medium.', + rationale: + 'An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption.', + severity: 'Critical', + published: '2018-02-01', + updated: '2019-12-10', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'http://bugs.debian.org/878159', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + ], + references: [ + 'http://bugs.debian.org/878159', + 'http://www.securityfocus.com/bid/102912', + 'https://access.redhat.com/errata/RHBA-2019:0327', + 'https://access.redhat.com/errata/RHSA-2018:3092', + 'https://security.netapp.com/advisory/ntap-20190404-0003/', + 'https://sourceware.org/bugzilla/show_bug.cgi?id=22343', + 'https://usn.ubuntu.com/4218-1/', + 'https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html', + 'https://nvd.nist.gov/vuln/detail/CVE-2018-6485', + 'http://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6485.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6485', + 'https://usn.ubuntu.com/usn/usn-4218-1', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7944 affects libxfixes3', + id: '23506', + firedtimes: 82, + }, + data: { + vulnerability: { + package: { + name: 'libxfixes3', + source: 'libxfixes', + version: '1:5.0.1-2', + architecture: 'amd64', + condition: 'Package less or equal than 5.0.2', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7944', + title: 'CVE-2016-7944 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-190', + bugzilla_references: [ + 'https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840442', + ], + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93361', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXfixes/commit/?id=61c1039ee23a2d1de712843bed3480654d7ef42e', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4CE6VJWBMOWLSCH4OP4TAEPIA7NP53ON/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GE43MDCRGS4R7MRRZNVSLREHRLU5OHCV/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7944', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7944.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7944', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7947 affects libxrandr2', + id: '23506', + firedtimes: 83, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7947', + title: 'CVE-2016-7947 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93365', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7947', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7947.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7947', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, + { + rule: { + level: 13, + description: 'CVE-2016-7948 affects libxrandr2', + id: '23506', + firedtimes: 84, + }, + data: { + vulnerability: { + package: { + name: 'libxrandr2', + source: 'libxrandr', + version: '2:1.5.0-1', + architecture: 'amd64', + condition: 'Package less or equal than 1.5.0', + }, + cvss: { + cvss2: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + authentication: 'none', + confidentiality_impact: 'partial', + integrity_impact: 'partial', + availability: 'partial', + }, + base_score: '7.500000', + }, + cvss3: { + vector: { + attack_vector: 'network', + access_complexity: 'low', + privileges_required: 'none', + user_interaction: 'none', + scope: 'unchanged', + confidentiality_impact: 'high', + integrity_impact: 'high', + availability: 'high', + }, + base_score: '9.800000', + }, + }, + cve: 'CVE-2016-7948', + title: 'CVE-2016-7948 on Ubuntu 16.04 LTS (xenial) - low.', + rationale: + 'X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.', + severity: 'Critical', + published: '2016-12-13', + updated: '2017-07-01', + state: 'Fixed', + cwe_reference: 'CWE-787', + references: [ + 'http://www.openwall.com/lists/oss-security/2016/10/04/2', + 'http://www.openwall.com/lists/oss-security/2016/10/04/4', + 'http://www.securityfocus.com/bid/93373', + 'http://www.securitytracker.com/id/1036945', + 'https://cgit.freedesktop.org/xorg/lib/libXrandr/commit/?id=a0df3e1c7728205e5c7650b2e6dce684139254a6', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74FFOHWYIKQZTJLRJWDMJ4W3WYBELUUG/', + 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7662OZWCSTLRPKS6R3E4Y4M26BSVAAM/', + 'https://lists.x.org/archives/xorg-announce/2016-October/002720.html', + 'https://security.gentoo.org/glsa/201704-03', + 'https://nvd.nist.gov/vuln/detail/CVE-2016-7948', + 'http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7948.html', + 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7948', + ], + assigner: 'cve@mitre.org', + cve_version: '4.0', + status: 'Active', + }, + }, + }, ];